Edge Server Mode

Modified on Fri, 13 Dec at 8:43 AM

Configuring ManagementStudio in Edge Server Mode


Sometimes, ManagementStudio needs to be installed in a DMZ to provide functionality to users outside the company network. A common scenario is enabling users to fill out forms or surveys from their phones or work-from-home devices. In such cases, full access to ManagementStudio is neither necessary nor desirable. Edge Server Mode allows you to set up an instance of ManagementStudio while limiting most of its functionality from being accessible externally.


TABLE OF CONTENTS


Key Considerations

  1. Database Access
    • The Edge Server must have access to the same database as the Primary Server.
  2. File Storage Path
    • If the Edge Server handles file uploads or presents attachments, the `FileStoragePath` in its `appSettings.json` must point to the same location as the Primary Server.
  3. Scheduled Tasks
    • Edge Servers do not run scheduled tasks. Tasks such as email dispatch, ESM operations, connections, and housekeeping are managed by the Primary Server.
  4. DNS Configuration
    • DNS entries for both the Primary and Edge servers must resolve to the same name. This ensures that links generated by ManagementStudio work seamlessly, whether accessed internally or externally, directing users to the correct server based on their network location.


Setup Instructions

To configure an Edge Server:


  1. Create a New Server
    • Set up a new IIS server and install ManagementStudio as you would for a Primary Server.
  2. Configure Database and File Storage
    • Ensure the Edge Server connects to the same database as the Primary Server.
    • Set the `FileStoragePath` in the `appSettings.json` to match the Primary Server if file handling is required.
  3. Enable Edge Server Mode
    • In the Edge Server’s `appSettings.json`, enable Edge Server Mode.
  4. Define Exposed Projects
    • By default, all projects are locked down. Explicitly define the projects to be exposed through the Edge Server.


By following these steps and considerations, you can securely configure ManagementStudio in Edge Server Mode to provide necessary external access without exposing the full system.



Edge Project Settings


EnableEdgeMode (true/false) controls if the server is running in Edge Mode. After that each project requires their own set of settings to control their specific access. If a project is not explicitly described in the settings it will be disabled.


When describing an Edge Project the 'ProjectId' is the only setting that is required, all else are optional and assumed false/empty if not present


NameValueNote
ProjectIdNumberThe Id of the Project that these Edge settings describe.



EnablePortalAuth

true/falseIf a portal page is using a wrapper that requires authentication then this companion setting is also required 
EnablePagestrue/falseEnable Portal Pages,
EnableFormstrue/falseEnable Portal Forms (Surveys)
EnableDmrstrue/falseEnable DMR Report pages
EnableLegacyPortal
true/falseEnable v13 Portal Pages
EnableDuSelfScheduletrue/falseEnable DU Self-Schedule where users can select their migration slot
EnableDashboardstrue/falseEnable Dashboard Pages
EnableTestSignOffstrue/falseEnable Test Sign-Offs
EnableEndPointReportstrue/falseEnable End Point Reports (DRM, Ready, History)
EnableScriptActionstrue/falseEnable Script Buttons, required if there are custom buttons on any DRM, Forms or Pages



BypassAccounts
listA comma-delimited list of user accounts that can still access the Client/API
CertificateAccounts
listA comma-delimited list of user accounts in the format account|thumbprint, that are associated with a Report Agent Cert for authentication


Example

The following is an example appSettings.json file that 

  • Enables the Edge Server Mode
  • Project 1
    • Enable only the Portal Pages that allow users to sign off surveys and schedule their migration slot
  • Project 2
    • Allow two specific accounts to access the Client/Api
    • Enable lots of different types of Portal Pages
    • Enable DMR Reports and Endpoints


	"EdgeServerSettings": {
	  "EnableEdgeMode": true,
	  "AllowLocalTraffic": false,
	  "LocalTrafficOrigin": "",
	  
	  "EdgeProjects": [
		{
		  "ProjectId": 1,
		  "BypassAccounts": "managementstudio, apiaccount",
		  "EnablePages": true,
		  "EnableForms": true,
		  "EnableDuSelfSchedule": true
		},
		{
		  "ProjectId": 2,
		  "BypassAccounts": "",
		  "CertificateAccounts": "apiaccount|6f31b3...",
		  "EnablePages": true,
		  "EnableForms": true,
		  "EnableDmrs": true,
		  "EnableTestSignOffs": true,
		  "EnableDashboards": true,
		  "EnableEndPointReports": true,
		  "EnableDuSelfSchedule": true
		}
	  ]
	},