EHR Deployment Network Share Setup Updater Service Deployment EHR Shortcut Deployment
RPMS-EHR Technical Overview Presenters EHR Desktop Deployment: Mark Siminski, Software Developer VueCentric Architecture – This will entail a detailed review of the VueCentric Framework and its components. VueCentric System Management Utility – This is a tool for managing several aspects of the VueCentric Framework. Visual Interface Manager Designer – This will be a brief overview of the design mode feature of the Visual Interface Manager. Desktop Deployment – This will be a discussion of techniques utilized to deploy the EHR to the desktop and potential problems related to same. Component Configuration – This will be an in-depth overview of the configuration of each of the components within the current release of the EHR. Support Scenarios – This will be a presentation of the method to report support incidents and a discussion of some of the more common support scenarios that may be encountered.
Automated deployment is critical to any component-based application Automated deployment is critical to any component-based application. VueCentric employs two deployment techniques: The first, using an updater utility, is used to deploy the core elements of the framework to the local machine. While not considered part of the framework itself, the updater utility is extremely useful for initial deployment of the framework and for deploying updates to framework components. When the updater utility is used, the user actually launches the updater rather than the VueCentric application directly. The updater ensures that all the necessary framework elements are present, performs any necessary deployments, and then launches the main application. This process is controlled by a configuration file, is relatively transparent to the user and, when properly configured, incurs very little performance overhead. The second deployment technique is integral to the VueCentric framework and is implemented by the Component Management Service. It utilizes a just-in-time deployment approach, automatically deploying components from a master object repository as they are requested by the application.
Setting up the network shares EHR Deployment Setting up the network shares
Shared Folder Setup Copying the Distribution Log into the server that will be home for the file share. Browse to the VueCentric distribution folder by clicking Start and then Run.
Shared Folder Setup Copying the Distribution Enter the path to the VueCentric distribution folder containing the “bin” and “lib” folders.
Shared Folder Setup Copying the Distribution Highlight the distribution folder.
Shared Folder Setup Copying the Distribution Right-Click the distribution folder and select Copy.
Shared Folder Setup Copying the Distribution Browse to the directory where the network share will be located.
Shared Folder Setup Copying the Distribution Paste the files into the destination directory.
Shared Folder Setup Copying the Distribution Wait for the copy to complete.
Shared Folder Setup Setting User Permissions Select the folder to be shared. Right-click it and select Sharing.
Shared Folder Setup Setting User Permissions Select the ‘Share this folder’ radio button.
Shared Folder Setup Setting User Permissions Click Permissions.
Shared Folder Setup Setting User Permissions Click Remove to remove the Everyone group.
Shared Folder Setup Setting User Permissions Click Add.
Shared Folder Setup Setting User Permissions Choose the group of users that you wish to have access to the EHR. In this example it will be domain users.
Shared Folder Setup Setting User Permissions Highlight ‘Domain Users’ and click Add.
Shared Folder Setup Setting User Permissions Click OK.
Shared Folder Setup Setting User Permissions Leave the default share permissions with Read access and click OK again.
Shared Folder Setup Setting User Permissions Click the Security Tab.
Shared Folder Setup Setting User Permissions Verify that your group of users has Read NTFS permissions to the folder.
Shared Folder Setup Setting User Permissions Since all authenticated users have read access, no changes need to be made.
Deployment using Group Policy EHR Deployment This document describes in detail techniques for the centralized deployment of the VueCentric Updater Service to client workstations using Group Policy. This document also shows how these same techniques can be applied in the deployment of the EHR Shortcut to the client desktop. Deployment using Group Policy
EHR Deployment Use of Group Policy for centralized, unattended installation Orca installation and use Updater Service configuration and installation EHR Shortcut configuration and installation Known Values: vcUpdaterService2.msi and EHR_Shortcut2.msi (these are specially designed for unattended installation) Domain Admin username and password Active Directory Domain(s) or OU(s) to which the msi files will be deployed. UNC path to the RPMS-EHR bin directory UNC path to the msi file distribution point. Outline: I. Install Orca II. Deploy the VueCentric Updater Service A. Create a domain admin account for use with VueCentric Updater Service B. Modify the vcUpdaterService2.msi Properties Table using Orca 1) Add line for USERNAME 2) Add line for PASSWORD C. Deploy the vcUpdaterService2.msi via Group Policy D. Verify vcUpdaterService2.msi deployment on Client III. Deploy the EHR Shortcut (optional) A. Modify the EHR_Shortcut2.msi Properties Table using Orca 1) Add line for REPOSITORYPATH B) Deploy the EHR_Shortcut2.msi via Group Policy C) Verify EHR_Shortcut2.msi deployment on Client Assumptions: This document assumes Windows 2003 Server Edition is running as the domain controller. Adjustments may need to be made to the procedures for other operating system versions. This document further assumes that the Group Policy Management Console has been installed and is available to the domain administrator. If this application is not available, it may be downloaded from: http://www.microsoft.com/downloads/details.aspx?FamilyID=0a6d4c24-8cbd-4b35-9272-dd3cbfc81887&displaylang=en
Orca Tool for editing msi files Orca.exe Tool for editing msi files Allows imbedding prompt responses for unattended installations Freely available through Microsoft Platform SDK. Orca is a tool distributed with the Microsoft Platform SDK that can be used to edit Microsoft Installer (“msi”) files. In order for an msi file to be deployed via group policy, all required inputs must be imbedded within it. Orca allows the insertion of required property values into the msi so that unattended deployment can occur. Orca is provided as an msi file that may be installed on the domain administrator’s workstation. Install Orca on the domain administrator’s workstation by double-clicking on the Orca_3_1.msi file and following the prompts.
Updater Service Deployment Create a privileged account for use with VueCentric Updater Service Modify the vcUpdaterService2.msi Properties Table using Orca Add line for USERNAME Add line for PASSWORD Deploy the vcUpdaterService2.msi via Group Policy Verify vcUpdaterService2.msi deployment on Client
Updater Service Deployment Creating the vcUpdater account Open Active Directory Users and Computers.
Updater Service Deployment Creating the vcUpdater account Right click on the OU where you want to create the domain account.
Updater Service Deployment Creating the vcUpdater account Select New from the menu and user from the submenu.
Updater Service Deployment Creating the vcUpdater account Enter the name of the service account you would like to use, then click “Next”.
Updater Service Deployment Creating the vcUpdater account Create a complex password for this account and copy it to your clipboard.
Updater Service Deployment Creating the vcUpdater account Paste the password or retype it into the fields. Check/uncheck the options as shown. It is extremely important to set the password options as shown. Then click “Next”.
Updater Service Deployment Creating the vcUpdater account The creation of a mailbox is not required. Uncheck the “Create an Exchange mailbox” checkbox and click "Next”.
Updater Service Deployment Creating the vcUpdater account Click “Finish”.
Updater Service Deployment Setting the vcUpdater account permissions Locate and double-click the vcUpdater account in the right pane. Select the "Member of" tab from the properties dialog that appears.
Updater Service Deployment Setting the vcUpdater account permissions Click “Add”.
Updater Service Deployment Setting the vcUpdater account permissions Type "domain admins" and click "OK". Note: sites may have different administrative security groups defined. It is important that this account have adequate permissions to install and register updates. Any security group meeting these requirements may be used in place of “domain admins”.
Updater Service Deployment Setting the vcUpdater account permissions Click "OK".
Updater Service Deployment Setting the vcUpdater account permissions Next, the newly created account must be granted permission to run as a service and to prevent it from interactive logins. Right-click on the domain or OU to which the account belongs and select properties.
Updater Service Deployment Setting the vcUpdater account permissions Click on the "Group Policy" tab.
Updater Service Deployment Setting the vcUpdater account permissions Click “Open”.
Updater Service Deployment Setting the vcUpdater account permissions Expand the domain node by clicking on the + to the left. Click the Default Domain Policy to select it. Close any informational dialogs that may appear.
Updater Service Deployment Setting the vcUpdater account permissions Right-click the entry and select “Edit” from the popup menu. Dismiss any informational dialogs that may appear.
Updater Service Deployment Setting the vcUpdater account permissions Click the + to the left of the Windows Settings node to expand it. Repeat for the Security Settings child node and its Local Policies child node.
Updater Service Deployment Setting the vcUpdater account permissions Select the User Rights Assignments node. Locate the “Log on as a service” policy in the right pane by scrolling down the list.
Updater Service Deployment Setting the vcUpdater account permissions Double-click the “Log on as a service” entry to view its properties.
Updater Service Deployment Setting the vcUpdater account permissions Check the “Define these local policy settings” checkbox.
Updater Service Deployment Setting the vcUpdater account permissions Click “Add User or Group”.
Updater Service Deployment Setting the vcUpdater account permissions Click “Browse”.
Updater Service Deployment Setting the vcUpdater account permissions Enter the name of the newly created account in the edit box. Then click “Check Names”.
Updater Service Deployment Setting the vcUpdater account permissions Click “OK”.
Updater Service Deployment Setting the vcUpdater account permissions Click “OK”.
Updater Service Deployment Setting the vcUpdater account permissions Click “OK”.