Configuration for Production Environment - version 6.3
Setup a machine with Microsoft Windows Server 2008 or later and add the following roles:
- Web Server (IIS)
- Web Server
- Common HTTP Features
- Static Content
- Default Document
- Directory Browsing
- HTTP Errors
- Application Developement
- .NET Extensibility
- ISAPI Extensions
- ISAPI Filters
- Health and Diagnostcs
- HTTP Logging
- Logging Tools
- Windows Authentication (only for AD integrated portals)
- Request Filtering
- Static Content Compression
- Dynamic Content Compression
- Management Tools
- IIS Management Console
- Web Server
- Windows Process Activation Service
- Process Model
- .NET Environment
- Configuration APIs
- .NET Framework 4.5.1 Features
- .NET Framework 4.5.1
- WCF Activation
- HTTP Activation
- Non-HTTP Activation
- .Net Framework 4.5.1
You can download or install the .Net Framework from here.
If NLB or AD sync. or any other tool is in use, you should install and configure the following components
Additional system requirements for Message Queuing:
- Message Queuing
- Message Queuing Services
- Message Queuing Server
- Directory Service Integration
- Message Queuing Services
Message Queuing is a Windows Server Feature so it can be added the same way as the other Windows Features above. Here you can find some information about setting up a message queue.
Application Pool settings
The following setting must be done on the application pool of the website which runs the Sense/Net ECMS. Here you can find some information about managing application pools.
- .NET Framework version: 4
- Recommended identity is a domain user for all application pools in an NLB environment
- Process Model Idle Time-Out (minutes): 0
- reason: some features need the system to be always up (workflow, notification); every request should be served fast, even after long idle times
- Recycling / Disable Overlapped Recycle: true
- reason: more processes are not allowed to access the index in file system simultaneously
- Shutdown time limit (seconds): 180 (*)
(*) recommendation for large repositories and large number of requests
Please note that if you want to use the Performance Counters feature, the application pool user needs to be an administrator because of the necessary privileges for managing performance counters in the system.
Before changing configuration or updating/uploading dll's, the site has to be stopped, and started only after changes have been committed! Updates to configuration or changes in the webfolder bin directory may result in index malfunctioning if the site has not been stopped beforehand!
The following setting must be done on the IIS website:
- Connection String - Here you can find some information about configuring a database connection string.
- Machine Key (in case of NLB environment) : - Here you can find some information about configuring the machine key.
- Generate Keys
- Uncheck all auto generate checkbox
- Session State : SQL (in case of NLB environment) - Here you can find some information about configuring the session state.
If you configure multiple web servers you should take one additional step. In IIS Manager under the Advanced Settings of the web site you should check that the ID of your site is the same on every IIS server. If not, you should change it to match.
If Anonymous Authentication is enabled on the website it is recommended to select the "Application pool identity" user on the anonymous authentication credentials dialog (select Anonymous Authentication and select the Edit option).
File system settings
- Grant Modify access to the Application Pool User on the Web folder
If you want to apply more restrictive permission settings you may grant Modify permissions only for the configurable LuceneIndex and LuceneIndex backup folders and grant read permissions for the rest of the web folder. In this case the Lucene folders must be created manually before starting the website.
Here you can find some information about file and folder permissions.
To do the following configuration you should open and edit the web.config file located at the root of the web folder.
- Uncomment the following lines (only for sites that use NLB or AD sync), and provide the appropriate queue paths (see MSMQ#Configuration for details):
<add key="ClusterChannelProvider" value="SenseNet.Communication.Messaging.MsmqChannelProvider, SenseNet.Storage"/> <add key="MsmqChannelQueueName" value=".\private$\incomingqueue;FormatName:DIRECT=TCP:192.168.x.x\private$\outgoingqueue" />
- You can find detailed information in the Logging section of our wiki under EventLog (see Logging#EventLog)
- For every appdomain create a private queue, on the same machine as the appdomain.
- Set the security settings of the queues as follows:
- Grant at least Reveive/Peek/Send message permissions to the users that run the aplication pool of the web sites (all NLB nodes) and all the tools (e.g. Import, Backup).
- In the web.config specify the names of the servers and queues (more info: MSMQ#Configuration)