Installing yuuvis® RAD service-manager
The microservices are integrated in the yuuvis® RAD service-manager service and are installed using yuuvis® RAD service-manager. All components for yuuvis® RAD client and yuuvis® RAD management-studio are also a part of this.
Ensure that the System Requirements are fulfilled before installation.
To install yuuvis® RAD service-manager, follow these steps:
Copy the yuuvis_rad_service-manager installation directory to the file system of the computer on which you want to install yuuvis® RAD service-manager with the microservices.
- Launch yuuvis_rad_service-manager_setup-<Version>.exe from the installation directory.
Enter the following microservice parameters.
The central microservice parameters will be entered in the configuration files of the microservices. Subsequent changes can be made via the Service Application Manager SAM.
Adjust the service parameters before you start the service:
- Launch yuuvis_rad_service_managerw.exe from the \service-manager\bin\ directory.
Log On > Account
Account for login to the service
yuuvis® RAD service-manager requires an administrative account.
Logging > Level Optional: Logging level for service logging Logging > Path Optional: Path for service logs Logging > Stdout Optional: Redirect the standard output to a file Logging > Stderror Optional: Redirect the standard error output to a file Startup > Arguments The port of yuuvis® RAD service-manager can be modified. Default: 7281 Java > Java options
Optional: Modify Tomcat data directories.
If the 'structureservice' and 'discoveryservice' microservices are running on different computers and/or the Discoveryservice is running on a port other than the default port (7261), then add the appropriate values, host/port of the Discoveryservice, to the configuration file <service-manager>\config\servicewatcher-sw.yml in the Structureservice section as follows:
- name: structureservice
Setting for authentication via the 'GATEWAY' microservice
The authentication can be configured via the gateway-prod.yml configuration file in the \service-manager\config\ directory.
Settings for login form (default setting)
The yuuvis® RAD user name and the yuuvis® RAD password are used for logging in:
Settings for single sign-on via NTLM
Login is performed automatically via the Windows domain session used by the user:
If the user’s domain should be taken into account during login because it is specified in the user management, then an additional parameter can be specified:
authentication.ntlm.usersubstitutionpattern: Default: '#USER#'
Specify the format in which the user name and domain are specified in the user management.
'#USER#', '#DOMAIN#', '#FQDOMAIN#'
#FQDOMAIN# is the 'Fully Qualified Domain Name'.
By default, the domain is not used so it does not need to be configured.
The log for the single sign-on can also be specified as: NTLM (default) or Negotiate. You can specify Negotiate for logins via Kerberos:
authentication.ntlm.protocol: Default: 'NTLM'
Specify 'Negotiate' for login via Kerberos.
Authentication is done via the session token for the domain. The users also need to be created as yuuvis® RAD users, for example via the Import organization operation. The password is not stored in yuuvis® RAD.
A prerequisite for successful single sign-on authentication is the correct configuration of the security zone of the yuuvis® RAD web client URL and permission for the transfer of the session token in the domain group policies or in the settings of the desired server or client workstations. Further information on this can be found here, for example.
- Settings for OAuth2 authentication (identity provider)
To do this, you will need to add the following lines to the gateway-prod.yml configuration file:
The following setting in the application-prod.yml configuration file from the \config directory of yuuvis® RAD service-manager is also required:
LDAP authentication settings
The login is done via the Windows Active Directory (domain) or LDAP server user name and password:
Authentication is then performed against the (domain) directory service, and the users must have also been set up as yuuvis® RAD users, such as via the Import organization operation.
The passwords are not stored in yuuvis® RAD, as is the case with 'NTLM'. However, users must enter their password when logging in.
In addition, the data for the connection to the directory service must be specified:
- domain: 'DOMAIN1.local'
- domain: 'DOMAIN2.local'
- domain: 'DOMAIN3\'
Providers are specified with the domain and a valid fully qualified LDAP server URL.
You can define multiple providers.
User names can be forwarded with a domain postfix extended to the appropriate provider from the list for login. This means that users only have to enter the user name without the domain, i.e., instead of 'Name@Domain', they only need to enter their name.
If users enter the user name with '@', the entry will not be expanded.
If yuuvis® RAD user names are created with a domain prefix or postfix, specify 'true' here; otherwise, set it to 'false'.
excludeuser List of users who are not logged in via the directory service, but as yuuvis® RAD users.
Other optional changes:
- SameSite attribute
- Context path
A context path is integrated via the gateway-prod.yml configuration file in the \<service-manager>\config\ directory:
management.server.port: Free port that is accessible for other yuuvis® services. Management URLs are called under the defined port not the context path.
If multiple instances of the 'Gateway' microservice are running, the management port is specified for the instances in the servicewatcher-sw.yml configuration file instead:
- name: gateway
- name: gateway_2
Alternatively, a separate profile can be used for each instance. The management port is specified either in the profile or in the servicewatcher-sw.yml configuration file.
A context path is integrated via the application-prod.yml configuration file in the <service-manager>\config\ directory: Example: gateway-context-path: '/yuuvis'
Any number of path segments with a / at the start (leading) but not the end (closing) are entered.
Create the extend.json configuration file in the <service-manager-data>\webresource\resources\client\assets\_default\config\ directory and add the block shown below:
Specify the context path in yuuvis® RAD management-studio via : Main menu > System > Settings > Core service > Global > Client path. Example: yuuvis/app/client
- Instances and memory assignments
HTTPS can be activated.
It is possible to set the SameSite attribute for yuuvis® RAD cookies: strict, lax, none.
The SameSite attribute is entered in a new line in the gateway-prod.yml configuration file in the \service-manager\config\ directory: cookie.samesite: 'strict'
A context path is used as the prefix for all URLs. yuuvis® RAD gateway can be accessed via a context path if it is running at an address as one of several services. Integration into portals is therefore possible, for example.
Microservice instances can be added and microservices can be deactivated (instances: 0) via the servicewatcher-sw.yml configuration file in the \service-manager\config\ directory.
The memory assignment for the individual microservices can be modified.
Start the yuuvis® RAD service-manager service.
It may take several minutes to start yuuvis® RAD service-manager and the microservices.
The installation wizard will start. Follow the steps described by the installation wizard.
Technical service name/
service display name
|Technical service name and service display name for service control.|
|HTTP port||Port of yuuvis® RAD service-manager. Default: 7281|
|Data directory||Data directory for yuuvis® RAD service-manager.|
IP address of the computer on which yuuvis® RAD core-service is installed.
Enter the API key of the system user. The API key required here is shown when yuuvis® RAD core-service is installed.
Access from yuuvis® RAD service-manager to yuuvis® RAD core-service is made in the context of the system user with full access rights for this.
Continued support for Oracle databases will only be available for existing installations.
|Database server||IP address of the computer on which the database is installed.|
|Database server port||Port of the database computer.|
|Database instance||Database instance name|
|Database name||Database name|
|Schema name||Schema name of the database.|
|Database user||Name of the technical user for database access.|
|Database password||Password of the technical user for database access.|
The JDBC string for the database connection is created automatically from the database information. Only edit the entry if changes need to be made for specific environments.
IP address of the rendition service.
The rendition service can be installed after yuuvis® RAD service-manager.
|Rendition server port||Rendition service port. Default: 8090|
Server and port
|IP address of Elasticsearch and port. Default: 9200|
|Password of the Elasticsearch installation.
The password is stored in the application-es.yml file.
One language can be activated: English (en), French (fr), German (de), Italian (it), or Spanish (es).
Licenses can be acquired from OPTIMAL SYSTEMS and integrated to unlock multiple and additional languages.
|IP filter for
IP addresses from which it is possible to access yuuvis® RAD core-service via the 'dms-sidecar' service.
127.0.0.1 and the address of yuuvis® RAD service-manager are prepopulated.
These addresses are required for this IP filter and are generally all that is needed.
The addresses are entered in the dms-prod.yml configuration file found in the \config directory.
If yuuvis® RAD service-manager does not start the microservices, then check the following settings in the registry editor: key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PerfProc\Performance\Disable Performance Counters (REG_DWORD). The value must be specified as 0.
If the operating system's language setting was changed and the microservices do not start, then check the following settings in the registry editor: key: HKEY_LOCAL_MACHINE\Microsoft\Windows NT\CurrentVersion\Perflib\009. The values need to be entered in English. Resetting the language change usually solves the problem. Information can also be found at Microsoft.
Uninstalling yuuvis® RAD service-manager
When you install yuuvis® RAD service-manager, an uninstallation program is created in the installation directory, which uninstalls yuuvis® RAD service-manager and all microservices.
Passwords in yuuvis® RAD service-manager
Passwords in the following configuration files are stored in encrypted form during installation:
archive-prod.yml, application-dbs.yml, application-es.yml, application-red.yml, erm-prod.yml, gateway-prod.yml, repositorymanager-prod.yml, servicewatcher-sw.yml
Passwords in configuration files from previous versions of yuuvis® RAD are not encrypted and will not be encrypted when an update is installed. These passwords can be encrypted as follows:
Open the command prompt as an administrator and go to the \service-manager\tools\ directory.
Run the following command: encode.bat "value" -W
The encrypted password is shown with a leading 'ENC' in round brackets: ENC(encryptedvalue)
Copy the encrypted password with the leading 'ENC' and round brackets and add it to the configuration file.
Save the configuration file.