Miscellaneous Administration Notes

SQL Server Issues #

IIS Issues

Browser Issues #

Virus Scanners #

Some virus scanners that are configured to scan in real-time can cause delays on the system. This tends to happen when they are monitoring the Process Director logs directory. Process Director will write audit logs and internal logs to the log files on disk. For example if you are using Microsoft Security Essentials you may see the CPU being used by “msmpeng.exe” when running Process Director forms and Process Timelines. If you are seeing this problem, exclude the following folder from the real-time scanning:

\Program Files\BP Logix\Process Director\website\App_Data\

This is the folder that contains the log files that are being written to when the system is being used.

TIFF Files #

TIFF file formats aren't natively supported in most browsers. To display a TIFF file in a browser or embedded on a Form you must install a TIFF ActiveX viewer (e.g. www.alternatiff.com, QuickTime, etc.). These viewers are provided by and supported by their respective companies. Once a TIFF viewer is installed on all users PC's, you can configure Process Director to display the TIFF files inline, instead of as a popup window in another application. This is done by adding the following lines to Process Director configuration file named vars.cs.ascx. Add to the PreSetSystemVars() function in vars.cs.ascx

bp.Vars.EmbedDocumentTypes.Add("tiff");
bp.Vars.EmbedDocumentTypes.Add("tif");

The vars.asp configuration file is located in the c:\Program Files\BP Logix\Process Director\website\custom\ directory.

DDE and Excel #

If you are unable to open Excel documents from Process Director or, upon trying to open an Excel document, ensure that DDE is enabled in Microsoft Excel. See Microsoft's documentation on this error for more information and instructions on how to enable DDE.

You should also verify that Process Director is listed as a trusted site on Internet Explorer.

Document Downloading Issues #

Process Director can store any file type. These files and documents can be viewed in the browser or downloaded to your PC. Windows Server, however, won't allow unregistered file types to be downloaded. The browser may display the following message:

HTTP Error 404 - File or directory not found.

For information on how to configure new file types in Windows IIS, refer to the Microsoft Knowledge Base article on this issue.

Installation with Multiple IP addresses #

Using two NIC’s (IP addresses) that can connect to the product presents configuration choices. The ideal configuration is to have a single DNS name that all users can access. This problem can occur when trying to have different IP’s for the intranet and Internet access.

Here are some of the configuration options to connect to the product from multiple interfaces:

Coordinated Universal Time (UTC) #

Process Director's internal timekeeping is always conducted in UTC, including all process timekeeping, start/end dates/times, etc. As such, Process Director doesn't store local times. Process Director will generally convert the UTC time to your local time automatically when the dates/times are displayed, but the actual saved dates are in UTC time (Greenwich Mean Time).

Resource Strings #

Inside the Process Director interface, most control labels are generated by Resource Strings that are located in the Resources.resx file that is located in the %InstalDir%\website \App_GlobalResources folder. Occasionally, after a Windows Update reboot, this file will, for reasons still unknown, be deleted. If this occurs, you'll see an error message similar to the following:

Error processing source URL: http://xyz.bplogix.net/admin/admin.aspx

Source: System.Web

Message: The resource object with key '___somestring___' was not found

The other error you'll occasionally see is an exception accessing a function toString(), which is the system trying to retrieve a string resource from the Resources.resx file that can't be found.

To recover from these errors, just reinstall Process Director to restore the Resources.resx file.

Simultaneous Windows and LDAP Authentication #

You can configure a Process Director installation to have both Windows and LDAP authentication enabled at the same time. To enable this, you have to enable Windows and LDAP authentication, but disable Integrated Windows authentication and disable the function that automatically adds users after they initially authenticate through Windows or LDAP. To configure the system in this way, the following flags must be set in the PreSetSystemVars() method of the custom variable file.

bp.Vars.fAuthTryAllAuthTypes = true;
bp.Vars.fAuthWindowsIntegrated = false;
bp.Vars.fAuthWindowsAutoAdd = false;
bp.Vars.fAuthLDAPAutoAdd = false;

Force TLS 1.2 on outgoing HTTP connections #

For Process Director v5.34 and higher, the default the SSL cipher used for outgoing web requests will use TLS 1.2 instead of 1.0 or 1.1, which have been deprecated for security reasons. This can be changed back by setting this in the vars:

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Ssl3|System.Net.SecurityProtocolType.Tls;

AES Encryption for Process Director v5.44.700 and Higher #

Process Director v5.44.700 and higher implements AES encryption. This encryption change provides higher security, but it does affect the migration process the first time--and ONLY the first time--you install v5.44.700 or higher from v5.44.600 or lower (except for load-balanced installations). Upgrading from v5.44.700 to any higher version will require no special action for most customers.

Please refer to the Upgrading to a Newer Version section of the Reinstall/Upgrades/Moving Hosts topic of the Installation guide, which covers the upgrade process for most customers.

Customers who manage a load-balanced installation are subject to some additional considerations, which are documented in the Installation Settings section of the Load Balancing, Standby, and Rendering Options topic of the System Administration Guide.

On-premise customers who decide NOT to upgrade to v5.44.700, should also make a specific change to their installation. BP Logix recommends that you manually edit your installation's web.config file to direct Internet Information Server to provide an auto-generated cryptographic key that will be unique to your installation.

To do so, you should edit the machineKey configuration setting in the system.web section of the web.config file so that it looks like the example highlighted in red below.

<configuration>
    // Some other configuration settings may appear here
    <system.web>
        <machineKey

            validationKey="AutoGenerate,IsolateApps" validation="HMACSHA512"

            decryptionKey="AutoGenerate,IsolateApps" decryption="AES" />

        // Some other configuration settings may appear here
    </system.web>
    // Some other configuration settings may appear here
</configuration>

Once you have made this change and saved the web.config file, the system will recompile and new AES encryption keys will be automatically generated for your installation.