How do I Set Up NorthScope?

Owned by Janice Dannenberg (Unlicensed)
Last updated: Nov 13, 2023 by Adam Herman
7 min read

This document will walk through a series to steps that are involved with setting up NorthScope and its related components. This will include verifying prerequisites are installed, setting up several accounts and configuring the database security.

Step 1: Confirm SQL Server Setup

Review the SQL server settings to verify it meets our requirements for a NorthScope instance:

  • SQL Server 2014 Standard Edition

  • SQL Server Reporting Services

Note that in most cases one SQL Server will run both a live and a test NorthScope instance.

Step 2: Confirm Web Server Setup

Review web server settings to verify it meets our requirements for a NorthScope instance:

  • .Net Framework 4.0 at minimum  

  • Microsoft Report Viewer 2012 Runtime

    • Note that the Microsoft Report Viewer Runtime has some prerequisites itself, most notably the Microsoft SQL Server System CLR Types

  • WCF Services -> HTTP Activation is required

Note that in most cases one Web Server will run both a live and a test NorthScope instance.

Step 3: Determine your Instance Name

Each NorthScope instance should have a unique name so you can easily identify the instance, the most common reason for having multiple instances is so that you can have a “Live” and a “Test” environment. We suggest that the instance name is used when creating the database, folder structure and various accounts so that all the components of an instance are named in a similar way.
Using the company name of “Northlake Partners” as an example, we would suggest the following naming conventions for the instance names:

  • Live Instance: NS_Live_NLP

  • Test Instance: Test_NS_NLP

Step 4: Setup Accounts

NorthScope requires several different accounts to run properly. All accounts should also be named to relate with the instance they are associated with. The below examples assume we are setting up accounts for the NS_Live_NLP instance from Step 3.

  • Windows Account: “YourDomain\NS_Live_NLP”

    • This account will be used to run the IIS application pool, the website itself, access SSRS reports and access the associated SQL database

Note that separate accounts can be setup for each of these tasks if required. NLP suggests that one account is setup to run both the live and test instance.

Step 5: Setup The Website File Structure

NorthScope application file folders should be named to indicate what instance it belongs to. Typical installation naming conventions are as follows:

  • Add a folder in a location of your choice on the web server. Using the “NS_Live_NLP” instance example, the suggested path is: C:\NorthScope\NS_Live_NLP

  • Unzip and then copy and paste the “Web” folder which contains all the application files under NS_Live_NLP

  • Grant the user created in step 4 “YourDomain\NS_Live_NLP” full control to the C:\NorthScope\NS_Live_NLP folder

Note that you will need to setup one website folder structure per NorthScope instance.

Step 6: Setup The Database

The NorthScope database should be named to indicate what instance it belongs to. Typical installation naming conventions are as follows:

  • Add a new database to the SQL Server. Using the “NS_Live_NLP” instance example, the suggested database name is: NS_Live_NLP

  • Add the user created in step 4 “YourDomain\NS_Live_NLP” to the db_owner role of the NS_Live_NLP database

Note that you will need to setup one database per NorthScope instance.

Step 7: Create Or Obtain A SSL Certificate

If you already have a certificate for the domain, please skip to the next step. If you don’t have an SSL certificate for your domain then you have two options.

  • Option 1- Purchase and install a certificate from a trusted source. This is the preferred option although NorthScope will work with self-signed certificates as well. If you would like any help with this part please reach out to NLP support for assistance. This would most commonly be used for any NorthScope websites that are exposed to the internet.

  • Option 2 - Create a self-signed certificate for your local domain. This would most commonly be used in a NorthScope setup that will only be accessed on an internal network or intranet and not exposed to the internet.

    To create a self-signed certificate, open PowerShell “As Administrator” and run the following script in the PowerShell window. In this example the “YourDomainNameHere” should be changed to reflect your specific DNS name and “YourServerNameHere” should be changed to be the server name. This script will create a self-signed SSL Certificate that is valid for 10 years.

$todaydt = Get-Date $10years = $todaydt.AddYears(10) New-SelfSignedCertificate -dnsname *.YourServerNameHere.YourDomainNameHere.Local -notafter $10years

Navigate to Microsoft Management Console (MMC) and add the snap-in for certificates at the local computer account. Copy the PowerShell Self-Signed Certificate from the Personal > Certificates folder and paste it to the Trusted Root Certification Authorities > Certificates Folder. This step will ensure that the local machine has access to the certificate.

In order for the entire domain to recognize the certificate we suggest using Active Directory Group Policy to deploy the certificate. The steps below can be used to configure the certificate deployment within active directory group policy:

  1. Log in to your Active Directory server using a domain administrator account

  2. Open the Group Policy Management Console

  3. Create a new GPO or use an existing one of your choice

  4. Right-click the desired Group Policy Object and select “Edit”

  5. Go to Computer Configuration -> Policies -> Windows Settings -> Security Settings ->Public Key Policies

  6. Right-click Trusted Root Certification Authorities, and select “Import”

  7. In the Certificate Import Wizard click Next, and in the File to Import page, click Browse and navigate to where your certificate is saved, and double click it

  8. With the cert listed in the “File name” click Next

  9. Accept the default option, Place all certificates in the following store (Trusted Root Certification Authorities), click Next, and then click Finish and OK

  10. Link the GPO to the OU of the systems you want the certificate installed onto

Note that you should only need one certificate per Web Server.

Step 8: IIS Setup

Each instance of NorthScope Live and Test should have their own Website and Application Pool with the same naming conventions as the database and file structure.

  1. Open IIS Manager on the web server

  2. Create the Application Pool

    1. Navigate to Application Pool and right click to “Add Application Pool”

      • Configure the name to match the file structure and database, using our example this would be: NS_Live_NLP

      • Verify the “.Net CLR Version v4.0.30319“ is selected

      • Select “Integrated” pipeline mode

      • Check the “Start application pool immediately” option

    2. Edit the Advanced Settings of the Application Pool

      • Select to the “Identity” setting to set a Custom account and use the user setup in Step 4: “YourDomain\NS_Live_NLP”

    3. Improve performance by adjusting the Regular Time Interval

      • This Advanced Setting determines how long before a connection that is not active is closed. Under the Application Pool Tasks, expand “Recycling”. Change the Regular Time Interval to 120 minutes.

  3. Create the Website

    1. Navigate to Sites and right click to “Add Website”

      • Enter a Site Name that matches the instance name, in our example this would be: NS_Live_NLP

      • Select the previously created Application Pool

      • Point the Physical Path to the path you are using from Step 5. In our example this would be: “C:\NorthScope\NS_Live_NLP\Web”

      • Click the Connect as button so that we can specify the account used to access the website path. Set the User Name to match the user we setup in Step 4: “YourDomain\NS_Live_NLP”

      • Set Binding Type = “https”

      • Enter Host Name as the NorthScope instance and then the full computer name or fully qualified domain name depending on tour setup.

        • If using a local domain with our instance name example this would be: NS_Live_NLP.YourServerHere.YourDomain.local

        • If using a proper domain this would be: NS_Live_NLP.YourDomain.com

      • Select your previously purchased and installed certificate or your self-signed certificate

    2. Edit the Advanced Website Settings to improve performance

      • Select IIS > Default Document and move “Default.aspx” to the top of the list

Note that you will need one website for each NorthScope instance.

Step 9: Update Web Config

For each of the folders you setup in Step 5, browse to the Web folder to edit the web.config file and update the Connection String with the following properties. Before completing this step or if you are upgrading your system please be sure you have the latest copy of the web.config file that matches your version of the software.

<add name="ERPxConnectionString" connectionString="Data Source=YourServerName; Initial Catalog=NS_Live_NLP; Trusted_Connection=True; Application Name=NorthScope;" providerName="System.Data.SqlClient" />

Step 10: Add DNS records to resolve the Website

In order to correctly route traffic to the NorthScope website you may need to make some changes to DNS settings. This may involve one or all of the steps below depending on your network setup and whether or not the website is exposed to the internet.

  • Make an entry to the Hosts file of the web server for immediate local testing of the website if no other DNS entries can be made. Using the example from above, this would involve making an entry to the hosts file similar to this: 10.10.10.10 NS_Live_NLP.YourDomain.com
    where 10.10.10.10 is our server’s IP address.

  • Setup a “Forward Lookup Zone” for your internal DNS

  • Add an A record that resolves the website Name to the IP address of the machine where the website is located

Note this will need to be done for each NorthScope website.

Additional Components

Component 1: Emailing

The Mail Queue Processor Service will process reports to files, send out emails from the RSMailQueue and process direct print ready files. To set up this service, please refer to this document: https://northlakeconfluence.atlassian.net/wiki/spaces/NDD/pages/1544618598

Component 2: Printing

Component 3: Jobs

 

Other Possible Helpful Pieces Of Information:

  • Force SSRS to run over TLS 1.2 if images are not showing up in reports when images are referenced with a web URL.

    • From: tls 1.2 - SSRS using external images through tls 1.2 leaves src(unknown) - Database Administrators Stack Exchange

      • Update the Registry to add the following keys

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727] "SystemDefaultTlsVersions"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727] "SystemDefaultTlsVersions"=dword:00000001

         

      • Add the following Entry in the configuration file for Reporting Services : ReportingServicesService.exe.config in the runtime element

        • <AppContextSwitchOverrides value="Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols=false;Switch.System.Net.DontEnableSchUseStrongCrypto=false" />