Before you start:

Prerequisite for the installation of the primedocs server is a Microsoft SQL Server database to store the data. If you cannot use an existing database server, you can perform a SQL Express installation as described here. The correct configuration of the SQL user for primedocs is described here.

Installation

The installation package contains a PowerShell script "Install.ps1" that performs the installation. The script must be run as administrator because, among other things, missing Windows features are activated.

Execution Policy

To run the script, the execution policy must be set to Unrestricted:

If you want to adjust the execution policy only temporarily for the installation, it can be set as follows:

The following question must be answered with y for "Yes":

Run script

The installation zip file must be unpacked beforehand.

In the "Install_Customization.ps1" file, adjustments can be made if it is not a standard installation. The corresponding setting options are described in the file.

When calling "Install.ps1", arguments can be given. These are described in the file in a large comment (in "Usages").

Default call (for this you must first navigate to the installation directory, e.g. with cd "C:\temp\primedocs_Install_Package"):

Further call options are described in "Install.ps1" in "Usages", e.g. the specification of a service account, if no SQL user is to be used.

The two databases from the above example ("primedocs_Prod" and "primedocs_Prod_Operation") can either already exist as empty databases. Otherwise they will be created automatically by the primedocs server applications (for conditions see SQL server roles / permissions).

By default, the script asks the user for information and confirmations. If this is not desired, -Force $true can be supplied as an argument.

Script procedure

1. Check required Windows features

The first step is to verify that all required Windows features (including the Internet Information Service (IIS) with http://ASP.NET) are installed and that the hosting bundle for .NET 6 applications is installed.

2. "primedocs" website in IIS

The next step is to verify whether a "primedocs" website is already registered with its application pools in IIS. If this is the case, it will continue with the next step.

If the website is not found, you will be asked if it should be created, with the installation path and port specified. The default settings are displayed in the output. The script also creates the following application pools in IIS:

• primedocs-Managed:
  Responsible for the .NET Framework-based server applications

• primedocs-Unmanaged-[...]:
  For all server applications, a separate application pool is created, such as primedocs-Unmanaged-AddressService for the "AddressService" or primedocs-Unmanaged-HealthMonitor for the "HealthMonitor".

3. "primedocs" web applications

In this step the actual web applications are put in the "primedocs" website. If the applications are already installed, you will be asked if an update should take place. In case of an update, we recommend contacting our support.

4. "primedocs JobHost" scheduled task

In the last step you are asked, whether the "primedocs JobHost" should be set up as a "scheduled task". The primedocs JobHost is a console program that updates user data in the background at a certain interval, for example. Therefore, it should be installed.

Completing the server installation

After the installation, both the IIS and the web applications and the scheduled task should be installed.

Service Account

The default installation assumes the use of an SQL user. However, it is also possible to run the primedocs server applications using a service account. For this, ensure the following configuration:

1. The service account can connect to the SQL Server or to the future database.

2. The service account is a member of the https://docs.microsoft.com/en-us/iis/get-started/planning-for-security/understanding-built-in-user-and-group-accounts-in-iis#understanding-the-new-iis_iusrs-group .
   This step is done automatically by the installation script if a security account is specified when calling it via arguments (see "Usages" in "Install.ps1" file) and the corresponding query is confirmed..

3. For the IIS_IUSRS group, Log on as batch and Impersonate a client after authentication must be stored in the Local Security Policy (this corresponds to a standard IIS installation).
   Administrative Tools → Local Security Policy → Local Policies → User Rights Assignment

4. The service account has modification rights on the primedocs application and log directory (in the default installation this is the same folder).
   This step is automatically taken care of for the application directory by the installation script if a security account is specified when called via the arguments (see "Usages" in "Install.ps1" file) and the corresponding prompt for change rights is confirmed.

5. The service account must be stored in IIS as a user in all primedocs application pools.
   IIS → Application Pools → Advanced Settings → Identity → Custom account
   This step is done automatically by the installation script if a security account is specified when called via the arguments (see "Usages" in "Install.ps1" file).

6. The service account must be stored as executing user in the "primedocs.JobHost" task.
   Task Scheduler → Task Scheduler Library → primedocs.JobHost → Properties
   This step is done automatically by the installation script if a security account is specified in the call via the arguments (see "Usages" in "Install.ps1" file).

7. The service account is used in SQL-ConnectionString (passed as argument during installation or customize it in "primedocs.config"-file).
   This step is done automatically by the installation script if the correct ConnectionString is specified in the call via the arguments (see "Usages" in "Install.ps1" file).