Watchdoc - System configuration

Access the configuration interface

From the Main menu of the administration interface

1. in the Configuration section, click on Avanced configuration;
   

2. in the [Server_Name]>Advanced Configuration interface, click on System configuration:
   
   

    

→ you access the Watchdoc System Configuration interface.
Some of the information in it are the ones that were entered during the installation of Watchdoc (also in the Initial Service Configuration interface).

Since version 6.0.0.4772 , some of these infrequently used sections are presented in collapsible panels.

General warning about activating event logs.
As logs require significant resources and storage space, we recommend that you only activate them occasionally, for analysis purposes in the event of a malfunction, and then deactivate them once the diagnosis has been made.

General configuration section

• Server Id: Specify the DNS address or IP address of the server hosting the Watchdoc kernel;

• Server Name: Enter the explicit name (in natural language) of the server. This name is displayed in the various interfaces and in the statistical reports, so it must be precise. For example: "Printing site of Lille 2nd floor"; "Server Printing Building B"; "Printing server of the commercial pole of Paris".

• Description: if necessary, complete the name with a description of the server.

• Site code: indicate, if it exists, the identifier corresponding to the site. For example "LIL-ET2";

• Location: if necessary, provide information about the geographical location of the server. This information can be useful in case of physical intervention on the server. For example: "Hosted in server room 2 - 3rd floor".

• Tags: enter keywords that can be used as search criteria to easily find the server

• Regional options:

• Language: in the list, select the language of the administration website;

• Schedules: indicate in this field the usual hours of use of the printing peripherals. Enter the values "0-24" if the printing peripherals work continuously.

• Weekend: select from the list the two days during which the printing devices are not used or select the value "No rest day" if the devices operate continuously.
  The time and weekend information is mainly used to build the condition "During opening hours" when designing filters. It can also be used in activity reports.
  
  
  

Security Section

• The Super User is an administrator who has the right to access the administration interface in maintenance mode and is therefore entitled to modify the entire Watchdoc configuration:

  • Password: this is the password allowing access to the administration interface as a Super User. This account allows access to the administration site in maintenance mode. The default password is the one defined during the installation of Watchdoc. If you wish to change it, enter a new password in this field.

  • Prohibit super user access from the network: check the box if you wish, as a precautionary measure, to prevent access in "maintenance" mode in order to reserve access to the administration site exclusively from the print server, i.e. from the "http://localhost/Watchdoc/admin/" url.

  • Use Security Profiles to restrict administration rights by print queue groups: check this box if you want to enable hierarchical administration of queue groups. This way, assistants will be able to be entrusted with the administration of specific groups of queues (see How-to sheet: Enable the delegation of print queue administration).

• Subsection Obfuscation: Passwords entered in the Watchdoc administration interface can be secured by enabling an encryption algorithm. When this feature is enabled, passwords no longer appear in the application's configuration file in clear text.

  • Replicate this configuration on all servers: if the configuration takes place on the master server of a domain (master/slave configuration), tick this box if you want to replicate the obfuscation on all the servers that depend on this master server;

  • Enable password obfuscation in the configuration file: the feature is enabled by default: unckeck the box if you want to disable the password obfuscation;

  • Algorithm used for encryption: the AES algorithm is used by default.
    
    
    

Network settings section

In this section, define the technical information related to Watchdoc:

• DNS Server

  • Use Default Name: check this box if you want to use the server id (specified in the General Setup section);

  • DNS Server: check this box and fill in the field if you want to use the DNS name assigned to the print server. This name is used in any emails sent to users of the service.
    By default, Watchdoc uses the NetBios name of the server, but in case some workstations (connected to the server) cannot resolve the names correctly, as well as if the Server id is likely to change, it is advisable to specify a full DNS name, such as, for example, "server.domain.com" or the IP address (e.g.: 192.168.x.y)
    

• Public IP:

  • Autodetect public IP address: check this option to let the system detect the public IP of the server itself.

  • IP Address IP: enter directly the IP address of the server if you want to set this address yourself.

• .Net Remoting .In this section, specify the parameters for communication via .Net Remoting. These settings are only useful if Watchdoc is running in cluster mode:

  • Host Name: specify the host name of the virtual print cluster to use to contact this instance of Watchdoc.

  • Local IP: Specify the IP address of the virtual print cluster to use to contact this instance of Watchdoc.

  • Local port: In this field, specify the port number that allows the Watchdoc web site to communicate with the Watchdoc service (TCP/UDP port 5744 using the Dotnet protocol).

  For security reasons, Doxense does not recommend configuration in remote mode, which requires port 5744 to be opened.

• Web Site. Indicatethe parameters relating to the administration and usage website to which certain links (such as notification emails, for example) should point. In the event that the same Watchdoc server can be addressed by several IIS servers, please specify the "main" website, i.e. the one with the greatest visibility (DNS / firewall) for users.

  • DNS name: indicate the DNS name of the web site; It is strongly advised to use a FQDNS name (e.g. "server.foobar.com") instead of a simple host name ("FOOBAR") to avoid any DNS resolution problem

  • Security: check the box if you want to use the 'https' protocol for web links;

  • HTTP port: indicate the TCP port of the IIS server to access the server;

  • URL prefix: indicate the prefix of the url;

  • Id Server: indicate the server id if it exists.

• Subsection Client Site

  • Allow users to access the unblocker website: check this box to make an unblocker website available to users. In case the unblocking website is authorized, it is necessary to configure it (Main Menu > Configuration section > Web & WES > Web Unblocking Profiles).
    
    
    

Configure the Print Spooler section

In this section, specify the parameters that allow the administrator interface to communicate with the Watchdoc kernel.

• Print Server Indicate the mode of operation of the server:

  • Connect to local server: choose this button if Watchdoc is installed in standalone mode (see Installation manual, chapter Installation and configuration requirements); if Watchdoc^® is installed in remote or cluster mode, uncheck the box and indicate the DNS name of the print server.

  • DNS name: if Wachtdoc is installed in remote mode or in cluster, enter the DNS name of the print server on which the kernel of Watchdoc is installed (see Installation manual, chapter Installation and configuration requirements)

• Spool directory. In this section, specify the folder wich are stored the Spools Waiting queue before sending to the peripheral. The word 'spool' originally stands for 'simultaneous processing operations on line'. The print spool is the output file sent to the printing device. It contains all the commands the printer needs to execute in order to print one or more documents.. By default, the spool files are saved in C:\Windows\System32\spool\PRINTERS

• Use default spool directory: choose this button to let Watchdoc automatically detect where spool files (with .shd and .spl extensions) are saved;

• Path: choose this if you do not want to use the default folder, and specify the path to the folder where the spool files are saved. In cluster mode, it is mandatory to indicate the path of the shared spooler directory of the cluster.

• EMF. Enable or disable the advanced printing features (EMF Enhanced Metafile (or EMF) is a digital image format for Microsoft Windows systems and some printer drivers. It is an improvement of the WMF (Windows Metafile) image file with data encoded in 32 bits for improved quality.) of MS Windows. For the iniitial configuration, we recommend that you keep the default setting.

• CSR. In a client/server infrastructure, client-side rendering means that the spool is handled by the client and not by the server. The client computer sends a finalised spool file to the server. For initial configuration, we recommend that you keep the default setting.

  Activate Client Side Rendering mode to enable print job transformation (spools).

• Filtering : some print drivers systematically send a blank document called a "Low Level Local Document" before each print. The filtering function offered by Watchdoc enables these unwanted print jobs to be detected and automatically deleted

  • Automatically delete empty print jobs: Check the box to allow Watchdoc to automatically delete print jobs that do not contain any data.

• Failsafe - Print documents with errors anyway:checked by default, allows Watchdoc to print all print jobs, even if the spool files have errors that prevent metadata interpretation.

  In order to avoid blocking a certain number of prints, it is advisable to keep this box checked by default.

• Synchro subsection. Keep the default checkboxes checked:

  • Synchronize shadow printers when the service starts

  • Synchronize Shadow printer when the print thread starts

  • Synchronise Shadow printer when shared configuration is changed

  • Synchronise the Location and Description fields between Watchdoc and the Windows Spooler.

• Logs subsection:

  • Log all notifications events from the Windows Print Spooler (in the application log): check the box to enable recording of notifications;

  • Diagnose spool file path extraction (in the application log):

  • Dump all Windows Print Spooler activity to the disk (one file per printer): check this box to keep a complete trace on a hard disk, then fill in the following field to indicate where the trace file will be saved;

  • Log Path: in this field, specify the path to the file where the complete Windows spooler activity is saved.

• Accounting subsection:

  • Use the information from parsers from documents from users (use ';' as separator): list in this field the users for whom the accounting should use cursor information (separated by a semicolon):

  • Use the information from parsers from documents from stations (use ';' as separator): list in this field the users for whom the accounting should use the cursor information (separated by a semicolon);

  • Use the information from parsers from documents from IP addresses (use ';' as separator): list in this field the IP addresses for which the accounting should use parser information (separated by a semicolon).

    
    
    

Restart the server after changing the settings in this subsection.

Configure the DSP section

• Web server

  • Enable DSP A DSP is a microprocessor optimised to perform DSP applications (filtering, signal extraction, etc.) as quickly as possible. DSPs are used in most real-time DSP applications. They are found in modems (PSTN modem, ADSL modem), mobile phones, multimedia devices (MP3 player), GPS receivers, etc. They are also used in video systems, sound processing chains, wherever a complex signal is received that needs to be modified by filtering. web server: Check the box to enable the Watchdoc web server that enables interactions with the WES.

  • SSL port: specify the SSL port for accessing the DSP server (default is 5753);

  • Allow only SSL connections: check this box to force the server to operate securely with the SSL protocol;

  • Non-SSL Port: specify the Non-SSL port for accessing the DSP server (default 5754);

  • Export WEB Server public certificate: click on the button to export the Web Server certificate.
    

• Security Protocols subsection

  • Use protocols allowed by the Management System: choose this option to allow the Management System to use its own SSL and TLS settings rather than the ones that will be set.

  • Use the following settings: choose this option to use the settings that are listed next, and then check the boxes of the protocols you want to use (SSL or TLS v. 1.0, v1.1 or v1.2):

• Logs subsection

  • Log incoming requests (in the web server log): check the box if you want to log the network activity (each packet request and response) on the DSP server. By default, each web request processed by the server (W3C Log compatible syntax) is recorded in a log file on disk.

  • Log all network activity to disk (one file per request or response): Path: specify in this field the path to the folder where the log files should be saved.
    Because trace files require space on the server, we recommend that you enable logging temporarily to diagnose network activity on the DSP server and disable it once traces have been collected.

• Advanced Settings subsection

  • Maximum number of clients: specify in this field the maximum number of clients allowed to connect to the server.

  • Optimize the server for use mainly from the Local Area Network (Ethernet): check the box to enable optimization

  • Optimize the server for a large number of connected clients: check the box to enable...

  • Maximum POST request size: indicate, in Gb (Mb ?), the size of POST requests accepted by the server

  • Allow Keep-Alive connections (required for some features): check this box to allow

  • Enable automatic response compression (consumes CPU resources): check this box to compress responses provided by the server to requests sent to it by third-party applications.
    

• Reverse Proxy :tick this box if the network has a proxy and specify the proxy IP (for example http://localhost:8000)
  
  

Configure the Paybox section

Paybox^® (marketed by Verifone e-commerce) is a third-party online payment application compatible with a large number of French banks that can be associated with Watchdoc to ensure the payment of printing jobs when they are subject to payment. If Watchdoc works with the Paybox solution for payment of print jobs, the parameters need to be specified.

1. in the Paybox section , fill in the fields with the following parameters::

   • Site number: enter the site number provided by Paybox;

   • Rank number: Enter the rank number provided by Paybox;

   • Internal ID: Enter the internal ID provided by Paybox;

   • Secret key: enter the key provided by Paybox and made available to you in the customer area (Back office) or the following test key: 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF;

   • External server address; enter the IP address (or FQDN if you use port 443 and certificate) and port (80, 8080-8085 (HTTP) or 443 (HTTPS)) through which to access the Paybox site;

   • Paybox URL: Enter the URL to call the Paybox payment page;

   • Security Checks:

     • Allow only Paybox IP addresses: check the box to restrict payment confirmation to Paybox addresses only. Uncheck the box if the payment confirmation requests another system and indicate the IP of this system if necessary (IP of a reverse proxy, for example);

     • verify the signature: check the box to verify the signature with the Paybox public certificate.
       
       
       

Configure Telemetry section

WSC (Watchdoc Supervision Console) is an add-on to Watchdoc that collects and consolidates telemetry information from Watchdoc print servers by adding a Watchdoc Telemetry Module to each Watchdoc print server. To enable telemetry, WSC and a telemetry module must be installed on each print serve

• Telemetry: check the box to enable the connection between Watchdoc and WSC, the Watchdoc supervisory console. If applicable, complete the settings for this console:

  • Host: specify the name of the server on which the WD telemetry console is installed (WSC?)

  • Port: Specify the port to access the telemetry server. The default is port 5756;

  • HTTPS: check the box if you want the connection to be secure. By default, the protocol used is HTTPS.

  • Queues: check the box if you want to send to WSC the virtual queues data
    

  Since version 6.0.0.4800, the activation of telemetry on the master server is automatically replicated on the domain's slaves servers.
  

Configure the Interserver printing section

This section is used to enable inter-server printing (if not inherited from the master server) and to define its parameters (see Interserver on-demand printing):

• Storage: from the drop-down list, select the database used to store queue configuration files (and user data).

• Connection: if this is an SQL database, complete its configuration:

  • Type: select the type of database from the drop-down list;

  • SQL Server: click on the button to browse the list of servers on which SQL databases are installed;

  • Authentication: from the list, select the authentication mode for accessing the database;

  • User name: for SQL authentication, enter the name of the account authorised to administer the database;

  • Password: enter the password for the account authorised to administer the database;

  • Database: click on the button to browse the list of databases available on the server:

• Test the cluster: at the end of the configuration, click on the button to check that the databases in the cluster are connected. A message informs you of the success of the configuration. If the database is not correctly configured, messages will be displayed to inform you of the nature of the connectivity problem between the databases.

• Parameters: tick the box if you wish to activate logs of messages exchanged between servers.
  

Configure the NetPOD section

NetPOD is an old-fashioned terminal (CopiCod-IP type) connected to a printing device, allowing a PUK code to be entered or a badge to be read to unlock pending print jobs.

If you are using NetPOD, specify :

• Port: specify the port used to access the NetPOD server (5743 by default);

• Logs: specify which activity traces you wish to keep:

  • log server activity

  • record the activity of connected clients

  • record orders received from customers

  • save all activity: if you tick this option, specify the path to the folder in which the logs are saved in the Path field.
    

Configure the TCPConv / Elatec section

TCPConv from Elatec is a device equipped with a USB or RS232 port for integrating peripherals into the local area network (LAN). Simply insert TCPConv into your device's existing LAN connection. To do this, TCPConv contains 2 LAN ports, which work like a network switch.

• Port: enter the default port to the TCPConv server (if it is not the default port 5743);
  
  

Configure the LDAP section

This section only concerns WESs using OpenPlatform technology: it contains information enabling Watchdoc to be contacted by the WES in the same way as an LDAP directory.

• Server Port: enter the access LDAP server port (if it is not the default port)
  

Configure the Scan to Url section

When a scanned file exceeds a certain weight, it is not sent to the recipient as an email attachment, but as a url link. The recipient can then retrieve the document by clicking on the url.

 

To set up this function, complete the following parameters:

• Proxy address: enter the proxy address if there is one; if left blank, large files will be saved in a folder on the Watchdoc server by default

• Proxy route path : specify the proxy route if it exists;

• Link validity: indicate in the field the time (1 h. min.) during which the scanned file remains downloadable. After this time, the scanned file is automatically deleted and the download link becomes invalid.
  
  

Configure the local storage section

Watchdoc's Json database (JsonDb) is used to store certain cold information such as the stages of a scan, for example.

Some security programs may lock files stored in the JsonDb, causing problems.

This section allows you to configure local storage to change the way JsonDB files are kept: as files on disks by default or in a SQL server to avoid locking.

 

If you opt for database storage, you need to create a specific database on each server.

 

1. Configure the storage:

   • Local storage type: from the list, select the storage type (Files on disk by default or SQL database). For an SQL database, specify :

   • Connection :

     • Type: specify the type of database used;

     • SQL server: enter the path to the server or click on the button to select the server from those available in your work environment;

     • Authentication: specify the type of authentication. For MS SQL authentication, specify the details of an account authorised to connect:

       • login

       • password

     • Database: enter the path to the database or click on the button to select the database from those available in your work environment;

   • Path: for an SQLite base, enter the path.

 

2. Click the button

   • Test to check the access to the configured database;

   • Create if you create a data base for the local storage purpose.
     
     
     

Configure the Miscellaneous section

• Create a backup copy of the configuration at startup: check this box if you want to keep a file in which the application configuration is saved. By default, a backup copy of the Watchdoc configuration file is made each time the service is restarted. For performance reasons, some trivial configuration changes are not saved immediately to disk.

• Disable configuration file write cache: check this box to disable the cache

• Disable all Easter eggs: check this box if you do not want the Easter eggs embedded in the Watchdoc application to appear