IT
S T A N L E Y M A N U F A C T U R E D A C C E S S C O N T R O L
UIDE
T R O L
4 . 2R’S GUIDE
R E L E A S E 4T MANAGER
3
Table of Contents
1. Frequently Asked Questions...1
1.1 Stanley PAC Access Control Administration Software...1
1.2 SQL Database for Stanley PAC...2
2. Installation...4 2.1 System Requirements...4 2.1.1 Server...4 2.1.2 Client...4 2.1.3 Operating Systems...4 2.1.4 Databases...5
2.2 When to Upgrade the Database Server...5
2.3 Servers and Clients...6
2.4 Stanley PAC Server...6
2.4.1 Prerequisites...6
2.4.2 Installation Directories...6
2.4.3 Databases...6
2.4.4 Microsoft Windows PowerShell...6
2.4.5 User Accounts and Start-up Tasks...7
2.4.5.1 Notes on SQL Server 2005 Express / SQL Server 2008 R2 Express Databases...7
2.4.5.2 Notes on SQL Server Databases...7
2.4.5.3 No Manual Editing...7
2.5 Stanley PAC Clients...8
2.5.1 Prerequisites...8
2.5.2 Installation Directories...8
2.6 Connectivity...8
2.7 Regional Options and Time Zone...8
3. Uninstallation...9
4. Hardware...10
4.1 The PAC 500 Access and Alarm Server...10
4.1.1 Download and Update Times...10
4.1.2 Suppression of Asynchronous Events...11
4.1.3 Authenticated Communications...11
4.1.4 TCP/IP Port Requirements...11
4.2 The PAC 512 IP Door Controller...12
4.3 The PAC 2000 Series Door Controller using IP Connectivity...12
5. Networking and Performance...13
5.1 Network Security...13
5.1.1 DCOM / Multiple Clients...13
5.1.1.1 DCOM and Firewall Address Translation...13
5.1.1.2 Restricting the Range of TCP Ports...14
5.1.1.3 Configuring Your Firewall...14
5.2 OEM Interface TCP Port 8658...14
5.3 Bandwidth Data...15
5.3.1 Download Data...15
5.3.2 Event Throughput...15
5.3.3 Minimum Client Bandwidth...15
5.4 Backup File Sizes...16 P
4 6. Tips...17 6.1 Screen Resolution...17 6.2 Multiple Monitors...17 6.3 Database Backups...17 6.4 Reports...17 6.5 PC Name Changes...17
6.5.1 Finding the Previous PC Name...18
6.6 Virtualisation...18
6.7 Stanley PAC COM+ Applications on a Domain PC...18
6.8 Using Stanley PAC on Windows Server 2003...22
6.9 Using Stanley PAC on Windows Server 2008...24
6.10 Image Capture Utility in Windows Server 2008 R2...30
6.11 Accessing Stanley PAC via Remote Desktop...30
6.12 Windows Updates and Hotfixes...30
6.13 Sending E-mail from Stanley PAC...30
6.14 USB Admin Kit with Windows Vista Business...30
7. Access Control Schematics...32
7.1 Example 1...32 7.2 Example 2...33 7.3 Example 3...34 P
Issue Record
Details Author Date Version Stanley PAC 3.1. JF 08/12/2006 V1.8 Stanley PAC 3.2. JF 31/07/2008 V1.11
Virtual server info added. SD
23/09/2008 V1.12
Stanley PAC 3.3. Updated system requirements; up-dated bandwidth usage; added info on Windows Server 2008, SMTP, and USB Admin Kit with Windows Vista; updated database information.
SD 03/07/2009 V1.13
Added frequently asked questions for Stanley PAC and SQL, hardware connectivity details; re-edited document to present a more logical structure. JC
03/12/2010 V2.0
Stanley PAC 3.4. Updated system requirements. SD
16/03/2011 V2.1
Added information on Image Capture and installing Windows PowerShell; updated references to database server requirements.
SD 27/07/2011 V2.2
Stanley PAC 4.0. Updated system requirements; up-dated PC name changes and virtualisation. SP
18/10/2012 V2.3
Stanley PAC 4.2. Updated system requirements. SD 25/04/2013 V2.4 Applicability Version Detail Name Product Code 4.2 Stanley PAC P
5
1. Frequently Asked Questions
The section provides an overview of the system requirements for Stanley PAC and the SQL database, addressing some frequently asked questions. More detailed information can be found in the following chapters.
1.1 Stanley PAC Access Control Administration Software
Q: Are there any particular requirements for the PC / server?
A: Software installation and user administration requires full local administrator rights when logged onto the PC / Server. There should be no Group Policy Objects (GPOs) applied during software installation.
Q: How is the software deployed?
A: May be installed from the CD provided by PAC, or from a network shared drive.
Q: What is the format of the installer?
A: A Setup.exe file is provided; launches a Microsoft Windows Installer.
Q: Will Stanley PAC run in a locked-down environment?
A: Yes, if installed with local rights.
Q: Can the Stanley PAC software be hosted in a Virtual Machine environment?
A: Yes.
Q: Where are the installation files written to?
A: Installation copies files to the Windows System32 folder, and writes to the Windows Registry.
Q: What services or processes will run on the PC / Server?
A: Executables: the Stanley PAC administration software (PACUI.exe) and the PAC Service Manager.
Services: The PAC Communications Engine, PAC Client Manager, PAC Event Manager, PACDatabase Manager and PAC Remote Client Configuration. The PAC OEM Interface Service may also be required if Stanley PAC is to be integrated with a Stanley Astrow Time and Attendance software database or a third party application.
Q: What is the database format?
A: SQL Server — see Section 1.2:SQL Database for Stanley PAC.
Q: Does Stanley PAC require e-mail configuration?
A: Stanley PAC can send e-mail messages in response to a system event. The SMTP server is configured within the application. It may be necessary to configure the SMTP server / firewall — see Section 6.13:Sending Email from Stanley PAC.
6 Destination Port Source Port Protocol / Direction Location Application 8085 (configur-able) Dynamically assigned TCP / Out
Stanley PAC Server PAC Client Manager
8086 (configur-able)
Dynamically assigned TCP / Out
Stanley PAC Server PAC Event Manager
8087 (configur-able)
Dynamically assigned TCP / Out
Stanley PAC Server PAC Database Manager
8086–8096 N/A UDP / Out N/A COM+ / DLLHost.exe 5020–5040 DCOM as-signed TCP / In-Out Stanley PAC Server
COM+ / DLLHost.exe (DCOM)
1.2 SQL Database for Stanley PAC
Q: What is the database format?
A: All data is stored in the SQL database on the host machine. This may be SQL 2008 R2 Express, which is included on the Stanley PAC installation CD.
Alternatively, Stanley PAC can use SQL Express 2005, SQL Server 2005 SP3 Workgroup (Standard or Enterprise), or SQL Server 2008 SP 2. SQL Server 2000 is not supported.
Q: Can Stanley PAC be installed on a separate machine from the database server?
A: No. Stanley PAC must be installed on the same machine as the database server.
Q: Does Stanley PAC require a specific SQL instance?
A: No. The Stanley PAC database can be hosted on a SQL Server with other databases, however, it must use the default instance.
Q: What Compatibility Mode is the database hosted in?
A: 80.
Q: Can the database be hosted in a Virtual Machine environment?
A: Yes.
Q: Which collation does your SQL database use?
A: Latin1_General_CI_AS.
Q: Does the Stanley PAC / SQL connection employ Optimistic Locking and Connection Pooling to minimise connection times, and close connections between calls?
A: Yes. SQL / Stanley PAC can be configured for Optimistic Locking and Connection Pooling, with minimum connection time.
Q: What is the size of the database at initial installation?
A: Approximately 15 Mb.
Q: Does Stanley PAC have any effect on the tempdb database?
A: No.
Q: What additional SQL Server jobs does the Stanley PAC database create?
A: Backup.
7
Q: Does Stanley PAC database require any of the following:Analysis Services, Reporting Services, Full Text Catalogues, SSIS packages?
A: No.
Q: Does Stanley PAC database use Extended Stored Procedures?
A: Yes — Xp-dirtree and xp-fixeddrives.
Q: Do Stanley PAC users require sysadmin access or sa login?
A: No.
Q: Do Stanley PAC users require direct access to SQL Server?
A: No.
Q: Can the system operate with Windows Authentication only?
A: No. An account is created during Stanley PAC installation.
Q: Does Stanley PAC require permissions to be granted / denied to the Public Database
role?
A: No.
Q: Does Stanley PAC need to be able to create temporary databases?
A: Yes.
Q: Do Stanley PAC users or external support persons require Fixed Server Roles?
A: No.
Q: Does Stanley PAC store any data outside of the SQL database?
A: No.
P
8
2. Installation
2.1 System Requirements
You must have administrator privilege to install Stanley PAC. It is recommended that you use the local Administrator account or any account with administrator privilege that will not subsequently be deleted from the PC.
We recommend that the Stanley PAC machine requirements, listed below, for memory and processor speed, are exceeded whenever possible.
2.1.1 Server
• IBM Compatible PC, 1.6 GHz dual core processor — 2 GHz dual core recommended.
• 1 GB RAM — 2 GB recommended if using Windows Vista or later. For increased performance, more memory is recommended.
• Minimum 2 GB of free disk space — 10 GB recommended and more may be required for large enterprise systems.
• Celeron or Atom processors not recommended.
2.1.2 Client
• IBM Compatible PC, 1.6 GHz processor — 2 GHz recommended.
• 1 GB RAM — 2 GB recommended if using Windows Vista or later.
• Minimum 2 GB of free disk space.
• SuperVGA 800×600 graphics — XGA 1024×768 recommended, 1280×1024 for alarm workstations.
• Celeron or Atom processors not recommended.
2.1.3 Operating Systems
The following operating systems are supported:
• Windows Server 2012 Standard edition — referred to as Windows 2012.
• Windows 8 Pro or Enterprise edition, 32 or 64-bit — referred to as Windows 8.
• Windows Server 2008, 32 or 64-bit; or Windows Server 2008 Release 2, 64-bit — referred to as Windows 2008.
• Windows 7 Professional, Enterprise or Ultimate edition, 32 or 64-bit; or Windows 7 Professional, Enterprise or Ultimate edition with Service Pack 1, 32 or 64-bit — referred to as Windows 7.
• Windows Vista Ultimate, Business or Enterprise edition, 32 or 64-bit, Service Pack 2 required — referred to as Windows Vista.
• Windows Server 2003, 32 or 64-bit, Service Pack 2 required; or Windows Server 2003 Release 2, 32 or 64 bit, Service Pack 2 required — referred to as Windows 2003.
• Windows XP Professional 32 or 64-bit, Service Pack 3 required — referred to as Windows XP.
10 You should also consider upgrading to SQL Server 2008 R2 Workgroup, Standard or Enterprise
for increased performance if the Stanley PAC Server has more than one CPU.
2.3 Servers and Clients
For optimum performance we recommend using Stanley PAC clients for specific functions. For example, using one client as an Alarm Viewer, one as an Enrolment Station, one as an Event Viewer, etc.
Server
We recommend the use of a dedicated PC for operation as the Stanley PAC server.
Clients
The Stanley PAC client can be easily operated alongside other applications: there is no need for a client to run on a dedicated PC.
2.4 Stanley PAC Server
2.4.1 Prerequisites
Windows Message Queuing
This is a component of Microsoft Windows, and is installed as part of the Stanley PAC installation process.
Microsoft .NET Framework Version 1.1
This software is required and can coexist with any other version of the .NET Framework — there is no need to uninstall the existing version.
Microsoft .NET Framework Version 2.0 is installed as part of the Stanley PAC installation process.
2.4.2 Installation Directories
The software is by default installed into the %ProgramFiles%\Stanley PAC folder. The installation procedure also creates folders for storing database backups and event archives. You may change the folders from the defaults during the installation process.
2.4.3 Databases
If you are installing a Stanley PAC Server and no existing Microsoft SQL Server database instance is found, the setup program requires you to install SQL Server 2008 Express, which is provided. If you have an existing SQL Server database, you may still install SQL Server 2008 Express when you want to run Stanley PAC in a separate database instance.
See Section 2.1.4:Databases for a list of supported database servers.
2.4.4 Microsoft Windows PowerShell
Before you install Stanley PAC 3.4 using the default SQL Express 2008 R2 database server on Microsoft Windows XP 64-bit, Microsoft Windows Vista 64-bit, Microsoft Windows Server 2003 64-bit Standard or Enterprise Edition, or Microsoft Windows Server 2008 64-bit Standard or Enterprise Edition, you must make sure that Microsoft Windows PowerShell is installed on your operating system.
To install Windows PowerShell:
1. On the Stanley PAC installation disk, locate the PowerShell folder, then locate the installer that is specific to your operating system.
2. Double-click on the Windows PowerShell installer to run it and follow the instructions on screen.
3. When Windows PowerShell is installed, start the installation of Stanley PAC. P
11 guest account should not be remo
The ver Databases 2.4.5.2 Notes on SQL Ser . R2 Express instance er 2008 v er 2005 Express / SQL Ser v
e full DBA access to the SQL Ser v will also ha ws Windo account in Microsoft Administrator
y user allocated a standard ault, an
By def
•
. kups them to restore database bac
w roup will allo g A C_DB A P PA
e user into the ativ administr Placing a non installation. ing roup created dur user g A C_DB A P PA
ws user allocated the Windo y anted to an r is g er 2008 R2 Express instance v er 2005 Express / SQL Ser v
DBA access to the SQL Ser
•
. les kups of these tab m bac
or les and perf C tab
A P PA
y ite the data in the Stanle ights to read and wr
has r computerr C_EKA_ A P PA installation. ing account, which is created dur
computerr C_EKA_ A P PA anted to the r Access is g • . ity is used to access the database ated Secur
r Integ
•
ver 2008 R2 Express Databases ver 2005 Express / SQL Ser
2.4.5.1 Notes on SQL Ser . y e k kupDir DBBac
, and edit the
TIONAL\EKA C INTERNAATIONAL\EKA A ARE\PPA CHINE\SOFTW HKEY_LOCAL_MA vigate to , na avigate to y ws Registr Windo y location, in the kup director the bac o change T To change . y ws Registr Windo
C database according to the path set in A y P PA the Stanle k up y to bac uesda T y er v uns at 15:30 e ault, this task r
By def . kup yBac eekl CW A P PA • . vice Manager ted — via the Ser
set to be autostar y are Engine) if the .g. vices (e t the ser uns at boot time to star This task r . tup CStar A P PA • . e ents to archiv v
viding there are enough old e ent log, pro
v the e ents in v e e y to archiv y da ay to archiv er v uns at 18:00 e ault, this task r
By def . hive c CEventAr A P PA • k. 23:00 to synchronise all access controllers with the system cloc
y thereafter at y da
er v uns at boot time and e ault, this task r
By def . kSync CCloc A P PA • our system: wing scheduled tasks are added to y
ollo The f
. roup ator to be a member of this g oper
A user does not need to be an .
ivilege y other pr database without giving him/her an
or the ator f e a user a database administr ou to mak ws y roup allo This g . A C_DB A P PA • our system: roup is added to y wing local g ollo The f
ust not be changed. andomly and m
ated r or this account is gener ord f
w pass
The . This is a user account that is used to access the database C is installed.
A P PA
y is the name of the computer on which Stanle
computerr , where computerr, C_EKA_ A P PA • k: or ail to w will f C A y P PA ou should not modify or delete it, or Stanle Y
You should not modify or delete it, or Stanle our system.
wing account is added to y ollo
The f
asks
T
t-up
2.4.5 User Accounts and Star
. ating systems ou are using one of these oper
y erShell if w o ws P Windo ou should not need to install Y
Yo
. ise Editions pr
Standard and Enter
er 2008 R2 v
ws Ser Windo ise Editions and Microsoft pr
2003 R2 Standard and Enter
er v ws Ser Windo erShell is already installed on Microsoft w o ws P Windo ault Microsoft By def Note ved m ou Y You ual Editing 2.4.5.3 No Man . itten to the MSDB database kup details are wr
ail when the bac to appear to f
kups , as this could cause bac from the MSDB database
ust not manually edit not update the door controllers
ypasses the front end and does , as this b les y access or MSSQL tab an . not update the door controllers
12
2.5 Stanley PAC Clients
2.5.1 Prerequisites
Microsoft .NET Framework Version 1.1
This software, required by Stanley PAC, can coexist with any other version of the .NET Framework — there is no need to uninstall the existing version.
Microsoft .NET Framework Version 2.0 is installed as part of the Stanley PAC installation process.
2.5.2 Installation Directories
The Stanley PAC software is by default installed into the %ProgramFiles%\Stanley PAC folder. You may change the folders from the defaults during the installation process.
2.6 Connectivity
The client PC must be in the same workgroup or domain as the Stanley PAC Server to which it is connected.
The name of the Stanley PAC Server to which the client is connecting can be specified in either the installation process or on the client login screen.
2.7 Regional Options and Time Zone
Ensure that the correct regional options and time zone for the country or region is specified on the server and client.
You can set the regional options by choosing Start › Settings › Control Panel and selecting
Regional Options, or by choosing Start › Control Panel and selecting Regional and Language Options, depending on the version of your operating system.
Once the Server / Client has been set, check that the correct time zone is set in Stanley PAC by starting the application and choosing the Tools › Options menu. Look for the Timezone setting.
13
3. Uninstallation
Stanley PAC can be removed from your system using the Add or Remove Programs item in the Control Panel, or running the Setup program from the installation disk. The prerequisite software, i.e. the .NET framework, service packs, SQL Server 2008 R2 Express, etc., are not uninstalled by this process, but can be uninstalled separately if required.
After uninstallation, the following files are (intentionally) left on your system:
• The database. If you are using SQL Server 2005 Express or SQL Server 2008 R2 Express, these files are in %ProgramFiles%\Microsoft SQL Server\MSSQL.1 and its subfolders. These files can be reused if you reinstall Stanley PAC.
• Any contents of the database backups directory.
• Any contents of the event archives directory. If you no longer need these files, you can manually delete them.
P
14 To ensure reliab ating system. our oper , depending on y ools T C A y P PA Stanle › ograms Pr All › t Star or ools T Tools C A y P PA Stanle › ograms Pr › t Star am in r ou can find a link to this prog y
ually — net segment and set their IP addresses man C 500s on the local Ether
A am to find P PA r prog dress vice IP Ad Configure De
ou can use the k, y
or our netw If static addressing is used on y
. y dress automaticall Obtain IP ad ace is set to k interf or ws PC when the netw Windo
y a ithm used b alent to the algor
This is equiv on subnet 169.254.0.0, subnet mask 255.255.0.0.
y other host y an
y to select an IP address not used b If not, it will tr
le it will use it. ailab v er is a v ser If a DHCP .
e its IP address automatically v
ie C 500 will attempt to retr A er is applied, the P PA w When po . C systems A y P PA ed on all Stanle y emplo , is not ore eatures are required and, theref C f
A y P PA vice is required where enhanced Stanle This de ating system. ws CE embedded oper Windo uses the ver C 500 Access and Alarm Ser A
P PA
The
ver
C 500 Access and Alarm Ser
A
The P
PA
4.1
ware
d
Har
4.
o ensure reliabT le, error free operation we strongly recommend the use of static IP addressing
Times
wnload and Update
4.1.1 Do
. AN W WAN er a v er o v ver o Setting up a 500 ser TB198: echnical Bulletin T Technical Bulletin er to , ref k connectivity or C 500 netw Amation relating to the P PA or
ther inf or fur F
ound on its barcode label. of the unit, which can be f
umber ial n is the ser n n , where n C500_ A P PA
C 500 attempts to set its NetBIOS node name to A
A P PA
.
wnload. of the do
k speed at the time or
, and are reliant upon the netw ximate
wnload times are appro The do Note e update e e load s holder y-e
50,000 K K 11 secs 12 mins / 40kb 14 secs
s holder
y-e
25,000 K K 3 secs 5 mins / 40kb 8 secs
g a P yholder e K Siz Time / wnload Do g pa yholder e K Ke
15 er is using a
v C 500 ser A
or use when the P PA f
les
ace has a setting that enab The user interf
onou
hr
4.1.2 Suppression of Async
This setting must not be enabled
A P PA
ty sheet, select the In the proper 2. , select the module ware d Har In the 1. vents: onous e hr o suppress async T connection. when com dialup This is intended . ents v s suppression of asynchronous e
us Events
IP connection (via a PSTN modem).
. vents Suppress async e , then select tab C 500 A . er v C 500 ser A e P PA net C 500 using the Ether A
unicating with the P PA mm C 500 uses authenticated A ault, the P PA y def
unicatio
uthenticated Comm
.1.3 A
ned off in the user This can be tur
. unications comm
ons
as required. unications comm ypted Use unencr, then select or deselect tab
C 500 A P PA
ty sheet, select the In the proper 2. . er v C 500 ser A , select the P PA module ware d Har In the 1. unications on or off: o turn authenticated comm
T
mally recommended. , although this is not nor
ace interf n the user By
4
and 8085–8086. 135, 3000–3020, ts): y UDP por ts (and if necessar TCP por wing ollo affic to the f mit incoming tr er P wer Clients Vie C Alarm A y P PA Stanle . C 500s using non-authenticated comms Aating P PA 7076 when oper
•
. C 500s using authenticated comms A ating P PA 15081 when oper • ts: TCP por wing ollo affic to the f mit incoming tr y to per It is necessar
t Requirements
or
TCP/IP P
4.1.4
C 500. A mation on the P PA or inf or more C f A y P PA our installation of Stanle y yer to the documents that accompan Ref
16
Stanley PAC Intivid VIP DVR
This is only required if the Intivid VIP DVR is being used for CCTV.
Permit incoming traffic to the following TCP ports (and if necessary UDP ports): 5300–5301, 5150–5151 and 5400.
4.2 The PAC 512 IP Door Controller
The PAC 512 IP door controller employs an on-board Lantronix Xport ethernet to serial converter to connect the controller to the network. By default, this device is configured for dynamic IP addressing and, in the absence of a DHCP server, will auto configure an IP address on subnet 169.254.0.0, subnet mask 255.255.0.0.
Static IP addressing is strongly advised. This is performed in the same manner as outlined in Section 4.1.
The Xport device is pre-configured to communicate on Port 8003.
For further information relating to the PAC 512 IP controller network connectivity, refer to the following Technical Bulletins:TB205: Setting up a PAC 512 IP over a LAN and TB200: Setting up a PAC 512 IP over a WAN.
4.3 The PAC 2000 Series Door Controller using IP Connectivity
The PAC 2000 Series door controllers employ the Lantronix UDS1100 ethernet to serial converter to connect the controller to the network. By default, this device is configured for dynamic IP addressing and, in the absence of a DHCP server, will auto configure an IP address on subnet 169.254.0.0, subnet mask 255.255.0.0.
Static IP addressing is strongly advised. This is performed in the same manner as outlined in Section 4.1.
The UDS1100 device must be configured to communicate on Port 14001.
For full details relating to the UDS1100 configuration, refer to Technical Bulletin UDS1100 Unit 2: Using with PAC 2000 Series Door Controllers — Configuration, or the e-Learning tutorial of the same name.
17
5. Networking and Performance
5.1 Network Security
This section describes how to:
• Configure DCOM for multiple Stanley PAC clients support across a firewall. This is to allow the Stanley PAC Server and Clients, which use DCOM, to communicate with each other.
• Configure firewalls on a WAN. This is required to allow the Stanley PAC Server to communicate with PAC IP controllers.
5.1.1 DCOM / Multiple Clients
To ensure maximum security on your network when using Stanley PAC clients over a firewall the range of TCP ports used by DCOM on the clients must be restricted. Section 5.1.1.2:Restricting the Range of TCP Ports describes how to do this.
5.1.1.1 DCOM and Firewall Address Translation
You cannot use DCOM through firewalls that perform address translation (NAT) — i.e. where a client connects to a virtual address, such as 198.252.145.1, and the firewall maps it transparently to the server’s actual address, such as 192.100.81.101.
P
18 .
er machine v
y connect to the SCM on the ser umbers when the
t n ight por the r
k up Clients will automatically pic .
er machine v
ou only need to do this on the ser Remember that y . ust create ou m , which y y y, which y e y k registr osoft\Rpc\Internet CHINE\Software\Micr HKEY_LOCAL_MA
w are located under the alues listed belo
named v
All of the .
iction functionality t restr
y settings that control the DCOM por al registr er v There are se ts or TCP P e of 5.1.1.2 Restricting the Rang
ect. e eff or them to tak settings in order f y wing registr ollo y of the f e changes to an ou mak y time y our machine an ust reboot y m ou , y Also . y alue entr named v ts or P y the type required b TI_SZ REG_MULLTI_SZ t the suppor
does not currently
e x edit.e reg
to configure these settings;
e x edt32.e reg ust use ou m Y You m Note Description alue ype Name not should ts alue indicates which por v named ts or P , then the N is set to alue If this v . DCOM applications or ts should be used f which por alue indicates named v ts or P , then the Y alue is set to If this v le ailab v tsInternetA or
P REG_SZ Y Always set this to Y.
ts or
P REG_MULLTI_SZTI_SZ
5141 3000–3020
Example: . ange per line r
t Specify one por
. alue meaning of this named v
mine the w deter options belo The . anges t r One or more por
T
Type V
t. unicates using this por comm
are installed on the system which y other softw are of an w Installers need to be a • k. or er the netw v unicating o ace from comm
ents the OEM Interf v
which pre
are on the system, a conflict can occur y other softw t is also used b If this por t 8658. por TCP ace using unicates with the OEM Interf
, comm w Astro .g. , e are OEM client softw
•
Issue
t 8658. TCP por unicates using are which comm
ty softw y third-par an , and w Astro .g. , e are , OEM client softw ace
een the OEM Interf There is a potential conflict betw
t 8658
or
TCP P
5.2 OEM Interface
. e v ange(s) specified abo r ts or P er in the v our ser on y y) , if necessar tsts (and UDP por TCP por
affic from all clients to the mit incoming tr
er P
•
.) t that Microsoft Outlook uses (135 is the Microsoft Exchange por
. er v our ser on y y) t 135, if necessar t 135 (and UDP por
TCP por affic from all clients to mit incoming tr er P • . er v our ser net to y affic from the Inter y all incoming tr
Den
•
ws: ollo net should be configured as f er and the Inter
v our ser een y all betw w The fire wall our Fire Y Your Fire 5.1.1.3 Configuring ts or UseInternetP REG_SZ Y or N . applications or DCOM be used f
19
Workaround
• It is possible to configure the OEM Interface to listen on a different TCP port; however it may not be possible to configure the OEM client software, e.g. Astrow, to use the new port. Therefore, if a port conflict were to occur, it would be necessary to reconfigure the third-party software to use a port other than 8658.
• Check the third-party software provider’s documentation and website for instructions on how to change the TCP ports that the third-party software uses.
5.3 Bandwidth Data
The bandwidth data below was measured using 50 PAC 500s running at 20 events per second. Event throughput stops when a download begins.
The bandwidth usage of a PAC 512 IP is considerably less than that of a PAC 500. The Serial-to-Ethernet port of a PAC 512 IP is constricted to 57.6 kb/s.
5.3.1 Download Data
Stanley PAC Server to PAC 500 Access and Alarm Server
The download begins with an initial burst of approximately 1,100 kb/s, which is followed by bandwidth usage within the range 300–780 kb/s.
PAC 500 Access and Alarm Server to Stanley PAC Server
The download begins with an initial burst of approximately 980 kb/s, which is followed by bandwidth usage within the range 20–380 kb/s.
5.3.2 Event Throughput
Stanley PAC Server to PAC 500 Access and Alarm Server
Max bandwidth:480 kb/s (approx)
PAC 500 Access and Alarm Server to Stanley PAC Server
Max bandwidth:680 kb/s (approx)
5.3.3 Minimum Client Bandwidth
A Stanley PAC client requires a minimum of 512 kb/s (full duplex) connection to its associated server.
P
5.4 Backup File Sizes
This section describes the size of files created using the backup utilities which accompany Stanley PAC.
Database Backup File Sizes
The following table lists the size of the Stanley PAC backup files with the following database settings:
• 100 Areas
• 20 Access Groups
• 20 Time Profiles
Approx DB File Size (KB) Number of Keyholders 16,000 25,000 29,000 50,000 42,000 75,000
Events Backup File Sizes
The following table shows the approximate size of the Stanley PAC events backup file for varying numbers of events.
Approx DB File Size (KB) Number of Events 40,600 250,000 81,200 500,000 162,400 1,000,000
Archive File Sizes
The following table shows the approximate size of the Stanley PAC archive file for varying numbers of events. Event archiving is a feature of Stanley PAC v2.2 and higher.
Approx DB File Size (KB) Number of Events 24,900 250,000 50,000 500,000 99,700 1,000,000
21
6. Tips
6.1 Screen Resolution
A screen resolution of at least 1024 × 768 pixels is recommended when using Stanley PAC. If you are using the Stanley PAC Alarm Viewer we recommend a screen resolution of 1280 × 1024.
6.2 Multiple Monitors
If you are using Stanley PAC on one PC for multiple functions we recommend the use of two monitors, e.g. using the Event Viewer in its undocked form on one monitor, whilst using the Alarm Viewer in the other monitor.
6.3 Database Backups
We recommend making backups of the database on a regular basis using the backup tools provided with Stanley PAC.
6.4 Reports
When running reports, we recommend using queries whenever possible to limit the size of returned data.
If you are using Stanley PAC Clients and Servers, we recommend that you do not run reports on the Server.
6.5 PC Name Changes
Changing the PC name will cause the installation of Stanley PAC on that PC to stop working. This section describes a workaround for this problem.
Workaround
1. Ensure that all Stanley PAC clients are shut down.
2. Change the PC name back to its original value — in Control Panel, open the System item and use the Computer Name tab.
3. Backup the Stanley PAC database.
4. In Control Panel, use Add or Remove Programs to remove the following programs:
• The Stanley PAC installation.
• The SQL Server 2008 R2 Express installation, called Microsoft SQL Server 2008.
5. Change the PC name to its new value — in Control Panel, open the System item and use the Computer Name tab.
6. Reinstall Stanley PAC and SQL Server 2008 R2 Express, but do not select the Preserve existing database option during installation.
7. After reinstalling Stanley PAC, choose the Start › Programs › Stanley PAC Tools › Restore Database command to restore the last database backup.
8. Download the database to the connected door controllers. This may cause disruption to door access. Make sure all users are aware before performing a download.
9. Ensure that the Server name property of any clients that connect to the server is changed to the new name. This property can be found on the logon screen of the Client.
P
22 http://suppor at Micros er to mation ref or or more inf F Notes t.microsoft.com/defa
ent log, the computer name v
In the e
item in the left ha
System k the Clic 2. , wer Vie Event y the This will displa
command a Run › t Star Choose the 1. io y the PC pr mine the name used b
o deter T To deter
vious PC Nam
6.5.1 Finding the Pre
kstations are shu or
Ensure that all w
, which is located ticle 281642 wledge Base Ar soft Kno ault.aspx?scid=kb;en-us;281642 . Computer ed in the column y e is displa . vent log system e y the nd pane to displa . w pictured belo . eventvwr and type
or to the name change:
me
uing. ore contin wn bef utdo . ents equal to or , Microsoft er or to the . um system requiremenbetter than the minim
The system resources . are VMw Hyper-V or tualisation en un on a vir C can be r A y P PA Stanle
tualisation
Vir
6.6
. name change vious computer na o locate the preT
To locate the pre 3. oduction Intr
C COM+ Applic
A
A
y P
PA
6.7 Stanle
System Requireme Section 2.1: nts — see ust be equal to or tual machine mallocated to the vir
e v tual Ser Vir vironment such as Microsoft n
i ent log to a date pr v wn the e , scroll do me
cations on a Domain PC
it is possib in a Microsoft domain, unning ou are r If y . vices vide application ser er PCs use Microsoft COM+ to prov C Ser A y P PA Stanle
le for the domain polices to stop the application running
. roup PCs kg
or lem should not occur on w This prob
d or w wn user name or pass Login failure unkno
DCOM ce: 10004 Sour EVENT ID: ent log: v ws e Windo wing error messages will be seen in the ollo
The f to log into the application.
le ou will not be ab un and y ail to r Engine) will f .g. vices (e C Ser A y P PA , the Stanle On domain PCs .
23
Cause
This problem occurs because the Log on as a batch job privilege has not been set for the identity of the COM+ package. When you set a user as the COM+ identity, COM+ adds this privilege for you.
However, if the user is a domain account and does not have the Log on as a batch job privilege set in a Group Policy Object (GPO), when the Active Directory performs an update, the identity of the COM+ package is reset and the permission is removed.
If you retype the password, COM+ will add the Log on as a batch job privilege again for the local computer.
Resolution
To resolve this problem, give the domain account the Log on as a batch job privilege in the Group Policy Object in the Domain Controller.
Procedure
1. Ensure that Administration Tools is installed on the local computer from the i386 folder on the Server disc.
2. Choose Start › Programs › Administrative Tools › Active Directory Users and Computers.
3. In the Console tree, right-click on the domain for which you want to set Group Policy.
P
24 4. Choose Properties and select the Group Policy tab.
5. Select Edit to navigate to the Group Policy Object you want to edit.
6. Choose Computer Configuration › Window Settings › Local Policies › User Rights Assignment.
25 7. Double click on Log on as batch job in the right pane.
8. Select the Add User to Group button and specify the Administrator group.
P
26
6.8 Using Stanley PAC on Windows Server 2003
By default, a Windows 2003 server disables COM+, thus stopping a client PC from connecting to the server and generating the following error message:
The component or application containing the component has been disabled
To solve the problem, the network COM+ access and network DTC access must be enabled.
Procedure
1. Choose Start › Control Panel, or Start › Settings › Control Panel, depending on the version of your operating system.
27 2. Select Add or Remove Programs.
3. Select Add/Remove Windows Components.
4. Select Application Server and choose the Details button.
5. Select the Enable network COM+ access and the Enable network DTC access
checkboxes and choose the OK button.
6. Choose the Next button to complete the wizard. 7. Choose Finish to close the wizard.
28
6.9 Using Stanley PAC on Windows Server 2008
By default, Windows Server 2008 will not let Stanley PAC clients connect. This is due to two reasons: first, by default Windows Server 2008 is not set up with the role of an Applications Server; second, by default the Windows Server 2008 firewall blocks the ports required by Stanley PAC clients to communicate.
The procedure below explains how to set up Windows Server 2008 as an application server. To find which ports to unblock on the firewall, see Section 4.1.4:TCP/IP Port Requirements. If you are using the OEM Interface, see also Section 5.2:OEM Interface TCP Port 8658.
Procedure
1. On the Windows 2008 Server, choose Start › Administrative Tools › Server Manager
to start the Server Manager.
The Server Manager starts.
29 c
and then left
Roles k on clic -Right 2.
x in the Add Role The first dialog bo
. d Roles Ad k on clic ou Y You Begin ore Bef
s wizard ( u Begin) appears.
) appea
ver Roles Select Ser
x in the Add Roles wizard ( The second dialog bo
. xt Ne k Clic 3. . ars
30 4. Left-click in the box next to Applications Server so that it contains a tick.
5. Click Next.
An Add Roles Wizard dialog box appears, informing you that in order to install the Applications server role there are features that require installing.
31 6. Click the Add Required Features button.
The third dialog box in the Add Roles wizard (Application Server) appears.
7. Read the information, then click Next.
The fourth dialog box in the Add Roles wizard (Select Role Services) appears.
32 8. Make sure that Application Server Foundation and COM+ Network Access are ticked,
then click Next.
33 9. Review the selections you have made, and then click Install.
The installation will now proceed.
When the installation is complete, the last dialog box in the Add Roles wizard (Installation Results) appears. For each feature you should see the message Installation succeeded
displayed as below.
10. Click Close and then exit the Server Manager.
P
34
6.10 Image Capture Utility in Windows Server 2008 R2
Using Stanley PAC under Windows Server 2008 R2, the Image Capture utility may fail to start. The error message An error occurred in image capture is shown.
To resolve this issue, go to the Server Manager and enable Desktop Experience in the Features section. When this feature is installed, restart the PC.
6.11 Accessing Stanley PAC via Remote Desktop
You may experience problems when using several Remote Desktop sessions to access Stanley PAC on a Windows Server 2003 / Windows Server 2008 server. For example, the user of one Remote Desktop session may only be able to see the log-in screen for another session. Therefore we recommend that, at any one time, you should have no more than one Remote Desktop session open to access Stanley PAC on a Windows Server 2003 / 2008 server.
6.12 Windows Updates and Hotfixes
We recommend that you keep any PCs that run Stanley PAC up to date with all updates available from the Windows Update website (http://v4.windowsupdate.microsoft.com), to maintain the security of your system.
Refer to PAC for update recommendations before applying any updates.
6.13 Sending E-mail from Stanley PAC
Stanley PAC connects to the SMTP server using port 25. Depending on the configuration of your network, port 25 may be blocked by anti-virus software, a corporate firewall, or your ISP. If Stanley PAC is not sending e-mail messages, reconfigure your anti-virus software or firewall to unblock port 25 or ask your ISP to resolve the issue. See also Section 5.1:Network Security and Section 5.2:OEM Interface TCP Port 8658.
If Stanley PAC is not able to resolve the name of the SMTP server to an IP address, it will not be able to send any e-mail. If Stanley PAC is not sending e-mail messages, try configuring Stanley PAC with the IP address of the SMTP server, rather than the SMTP server name.
6.14 USB Admin Kit with Windows Vista Business
Issue
This section describes an issue that can occur under Microsoft Windows Vista Business when you create a direct channel, assign a COM port to that channel and attach a USB Admin Kit to the port. If you disconnect the USB Admin Kit and restart Stanley PAC, an alarm is displayed warning you that the COM port has not been found. The direct channel is still fully configured, but the COM port has been removed.