Edge Server Mode

Modified on Thu, 22 Jan at 3:07 PM

TABLE OF CONTENTS

Configuring ManagementStudio in Edge Server Mode
Further Support

Configuring ManagementStudio in Edge Server Mode

Edge Server Mode enables ManagementStudio to be deployed in a demilitarised zone (DMZ), providing secure, limited functionality to users outside the internal network. This is commonly used to allow external users—such as remote workers or mobile device users—to access specific forms, surveys, or self-service features, without granting full access to the system.

Key Considerations

Database Access
- The Edge Server must have connectivity to the same database as the Primary Server.
File Storage Path
- If the Edge Server will handle file uploads or serve attachments, set the FileStoragePath in appSettings.json to the same value as used by the Primary Server.
Scheduled Tasks
- Edge Servers do not process scheduled tasks (e.g., email notifications, ESM activities, connections, housekeeping). These functions are handled by the Primary Server.
DNS Configuration
- Configure DNS so that both the Primary and Edge servers resolve to the same host name. This allows links generated by ManagementStudio to direct users to the correct server (internal or external) depending on their network location.

Setup Instructions

To configure ManagementStudio in Edge Server Mode:

Install ManagementStudio on a New IIS Server
- Prepare a new IIS server for the Edge role and install ManagementStudio as you would for a Primary Server.
Configure Database and File Storage
- Connect the Edge Server to the same database instance as the Primary Server.
- If required, configure FileStoragePath in appSettings.json to match the Primary Server for file handling and attachments.
Enable Edge Server Mode
- In the Edge Server's appSettings.json, enable Edge Server Mode by setting the appropriate value.
Specify Exposed Projects
- By default, all projects are inaccessible. Explicitly define which projects are accessible via the Edge Server.

Edge Project Settings

The EnableEdgeMode setting (true/false) in appSettings.json controls whether the server operates in Edge Mode. Each project exposed through Edge Server Mode requires its own configuration. Only projects explicitly listed are accessible; all others are excluded.

The minimum required attribute for each project is ProjectId. All other settings are optional and are treated as false or empty if omitted.

Name	Value	Description
`ProjectId`	Number	The unique identifier of the project.
`EnablePortalAuth`	true/false	Enables authentication for portal pages requiring login.
`EnablePages`	true/false	Enables Portal Pages for the project.
`EnableForms`	true/false	Enables Portal Forms (Surveys).
`EnableDmrs`	true/false	Enables DMR (Datamining Report) pages.
`EnableLegacyPortal`	true/false	Enables v13 Portal Pages.
`EnableDuSelfSchedule`	true/false	Enables Device/User Self-Scheduling for migration slots.
`EnableDashboards`	true/false	Enables Dashboard Pages.
`EnableTestSignOffs`	true/false	Enables Test Sign-Offs.
`EnableEndPointReports`	true/false	Enables End Point Reports (DRM, Ready, History).
`EnableScriptActions`	true/false	Enables Script Buttons (for custom DRM, Forms, or Pages buttons).
`BypassAccounts`	list	Comma-separated usernames allowed to access the Client/API regardless of other restrictions.
`CertificateAccounts`	list	Comma-separated list of `account\|thumbprint` entries for Report Agent Cert authentication.

Example Configuration

The following appSettings.json snippet configures the Edge Server Mode and exposes two projects with distinct settings.

"EdgeServerSettings": {
  "EnableEdgeMode": true,
  "AllowLocalTraffic": false,
  "LocalTrafficOrigin": "",
  "EdgeProjects": [
    {
      "ProjectId": 1,
      "BypassAccounts": "managementstudio,apiaccount",
      "EnablePages": true,
      "EnableForms": true,
      "EnableDuSelfSchedule": true
    },
    {
      "ProjectId": 2,
      "BypassAccounts": "",
      "CertificateAccounts": "apiaccount|6f31b3...",
      "EnablePages": true,
      "EnableForms": true,
      "EnableDmrs": true,
      "EnableTestSignOffs": true,
      "EnableDashboards": true,
      "EnableEndPointReports": true,
      "EnableDuSelfSchedule": true
    }
  ]
}

Note: If you require PowerShell scripts or web buttons (including those triggered by events or form submission) to operate through the Edge Server, set:
"AllowLocalTraffic": true
This permits script execution and button functionality originating from the Edge Server.

Usage Scenarios

Allowing external users to complete surveys: Enable only EnableForms for the relevant projects.
Permitting self-scheduling for migrations: Enable EnableDuSelfSchedule to allow users to select their migration slots.
Limiting access to the portal for specific users or integration accounts: Use BypassAccounts or CertificateAccounts to grant elevated access as needed.

This configuration supports controlled, secure external access while protecting the core ManagementStudio environment from unnecessary exposure.

Further Support

For additional assistance, visit the ManagementStudio Service Desk to search the knowledge base or create a support ticket.