User's Manual

Full Multiuser Deployment example

Introduction

This single server deployment architecture is used in multiuser setups for small to medium sized ROB-EX Scheduler deployments with typically

  • 1-5 simultaneous planners all working out of the same physical location.
  • 1-10 simultaneous viewers
  • 1-2 sites (a site is typically a legal or logical entity)

This setup gives a cost-effective configuration in terms of hardware and time used for configuration and maintenance of the setup. All configurations can be centrally controlled from the single Robex1 server

A test environment may be configured as a separate independent site – however the test environment will be using the same client and server software and configuration, so an upgrade to a new ROB-EX version must happen simultaneously in test and production.

Deployment architecture

All server and client components are installed on one Windows Server – in this example named “Robex1

  1. The ROB-EX Scheduler Multiuser Service
    1. coordinates multiple users (i.e. ROB-EX clients) planning at the same time and persist changes to the central GanttMultiuser SQL database.
  2. The MS SQL Server containing the GanttMultiuser database
    1. The GanttMultiuser database may be placed on a separate database server. If this is selected, it is important that network bandwidth between ROB-EX Multiuser Service and the ROB-EX GanttMultiuser database is high.
  3. Integration Client Service (runs Shop Floor and automatic batch jobs like automatically generated reports). Also, it will typically be used for interfacing between ROB-EX and external systems – like an ERP system.
  4. ROB-EX Floating Licensing Service (ensures that desktop clients may be started by any user – up to the purchased count)
    1. During activation of the licensing and every 3-4 weeks after, the ROB-EX Floating Licensing Service requires internet access. This service may be deployed to any server on the network.
  5. A file share serving the ROB-EX Desktop Client program – in this example the share is named \\Robex1\RobexClient
  6. The Desktop ROB-EX clients (planners or viewers) will run on the user’s local PC – however started from a shortcut pointing to the server share \\Robex1\RobexClient
  7. The “ROB-EX Scheduler Multiuser Service” may be administrated from any web browser on the network, by windows users being a member of the MySecurityGroup\Robex_Admin group (see below)

User authentication and authorization (Windows Active Directory)

Security Groups

The recommended approach is to create the following Windows AD security groups (names are not important, you can select anything that follows the guidelines of your organization)

  1. MySecurityGroup\Robex_Planner
    1. Employees with planner rights should be a member of this group
    2. Members have read access to the file share \\Robex1\RobexClient
    3. Members have read/write access to sub-folder \\Robex1\RobexClient\custom
    4. Members are authorized with “Planner” role on ROB-EX Scheduler Multiuser Service
  2. MySecurityGroup\Robex_Viewer
    1. Employees with view only rights should be a member of this group
    2. Members have read access to the file share \\Robex1\RobexClient
    3. Members are authorized with “Viewer” role on ROB-EX Scheduler Multiuser Service
  3. MySecurityGroup\Robex_Admin
    1. Employees which will administrate the ROB-EX solution should be a member of this group
    2. Members have read/write access to the file share \\Robex1\RobexClient
    3. Members are authorized with “Admin” role on ROB-EX Scheduler Multiuser Service
  4. MySecurityGroup\Robex_SQL
    1. Employees and services that needs to insert or query data from the GanttMultiuser database are a member of this group
    2. Members have owner role on the GanttMultiuser SQL database (create/modify on tables and insert/update/delete on rows)

If deploying to a scenario with multiple ROB-EX sites, it is necessary to create different AD groups for Planners and Viewers for each site. But only one common Admin group is necessary.

Example:

  • Robex_Planner_Site1, Robex_Viewer_Site1
  • Robex_Planner_Site2, Robex_Viewer_Site2

If a parallel ROB-EX test system is created, we advise you to create extra AD groups for this. Example:

  • Robex_Planner_Test
  • Robex_Viewer_Test

Windows Users

As a minimum create a RobexService Windows user. This user will run the ROB-EX Services involved

  1. Is a member of MySecurityGroup\Robex_Admin
  2. This user is authorized to run local services on server Robex1
  3. Otherwise the user has minimum privileges. However the user must have read/write access on file system level to
    1. c:\program files (x86)\ROB-EX\ganttServer\server\gantt (and below)
    2. c:\program files (x86)\ROB-EX\planner (and below)

It is in addition recommended that a RobexAdmin Windows user is created having Administrator rights on the Robex1 server. This user is typically used by the ROB-EX Partner installing and configuring the solution. It is common to provide remote access rights via VPN+RDS for the ROB-EX Partner, so they during initial deployment may install and configure the solution.

  1. Is a member of MySecurityGroup\Robex_Admin
  2. Is a member of MySecurityGroup\Robex_SQL
  3. Has Administrator rights on server Robex1
  4. Should be able to start Microsoft SQL Management Studio from Robex1 and connect to the GanttMultiuser database

PC Requirements

Server Robex1

For hardware requirements see here

By default, the following service ports are used by the ROB-EX Multiuser server application, firewall rules must be opened for these ports:

  1. 11099 (naming service – this is the port number used by ROB-EX clients)
  2. 11098 and 4444 (RMI)
  3. 8080 (internal web-server for user administration)

Additional internal misc. ports used are

  1. 8083, 8093, 8009

Local users PC’s (User 1 PC, User 2 PC, etc.)

For hardware requirements see here

Ongoing IT Maintenance

After initial go-live the following IT related maintenance activities must be scheduled

  1. Daily backup of the GanttMultiuser database. The database typically will not grow larger than 1 GB
    1. In case of a data disaster then the IT department must be capable of restoring the backup into the GanttMultiuser database
  2. Weekly backup of the \\Robex1\RobexClient file share
    1. This to ensure that any changed configurations are persisted permanently
  3. Monitoring of server Robex1
    1. Ensuring the server is up and running
    2. Ensuring the ROB-EX Services are all sound and alive
  4. Handle a typical yearly update of the ROB-EX software components (server and clients).
    1. Handled by temporarily stopping the services and running installers to update the software to the latest version

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment