Table of contents:

Preparatory Steps

Before you proceed with the installation, you must determine the working environment.

• Server operating system
• Are there other relational database management systems (RDBMS), used by other programs such as InterBase and Firebird, that can interfere with the installation

Hints

What to do in the following cases:

Presence of Another Firebird Instance

If another Firebird instance is present, do the following:

• Install manually
• Change the connection port

Presence of a Restrictive Firewall

If Firewall restricts the connection ports:

• Set fixed port for messages
• Allow connection and message ports in the Firewall

If Firewall and/or the anti-virus program's firewall restricts the applications:

• Add fbserver.exe (in SuperServer) or fb_inet_server.exe (in Classic and SuperClassic) as an exception

Download Firebird

Firebird can be downloaded from:

• The official website - www.firebirdsql.org
• CFiles - www.ada-soft.net/cfiles

The currently supported version is 2.5

Use the appropriate option depending on the preparatory step:

• whether the server OS is 32 or 64-bit
• installation file (exe) or Server Package for manual installation (zip)

Sample table for determining the appropriate Server Package for Windows with the latest versions at the time of writing the documentation.

For installation on a different OS, contact AuditDesktop Customer support.

Installation of Firebird

To install Firebird, you will need administrator rights on the server.

MS Windows

There are two installation options:

• Server package installation (exe)
• Manual installation (zip)

Server package installation (exe)

The installation in this case is trivial:

1. Start the installation
2. In the Options dialog boxes, observe the following:
   
   1. Install SuperServer (The most suitable option in most cases. You can find more information on the differences between various architectures in this article)
   2. If the OS is newer than XP or 2003 server, i.e. Vista, 7, 8, or Server 2008, 2008R2, 2012, do not install an applet in the Control Panel
   3. As AuditDesktop is distributed with database access libraries, remove the ''generate GDS32.dll" and "install in <system>" check marks. You can leave the "install in <system>" check mark, if other database applications are to be used.
   4. Select Run as a service
   5. Select To use Guardian
3. Once the installation is complete, if the service is not selected to run, it must be started manually.

Manual Installation (zip)

Unzip the program archive in a selected folder. If you consider normal program installation in Windows, use \Program Files\Firebird.

For example:

c:\Program Files\Firebird\Firebird_AuditDesktop

Open the Command Prompt (with administrator rights) and go to the bin subfolder of the folder where the file is unzipped.

c:
cd \Program Files\Firebird\Firebird_AuditDesktop\bin

Install the service with a new name (by default, Firebird is installed with an instance name Firebird_Default). For example, you can use Firebird_AuditDesktop:

instsvc i -s -a -g -n Firebird_AuditDesktop

This command will create a service that:

• will start SuperServer
• will start automatically
• will use Guardian (a service that monitors whether the server is running)
• will have the name Firebird_AuditDesktop

Then it will run the service

instsvc start -n Firebird_AuditDesktop

Other Operating Systems

For installation on a different OS, contact AuditDesktop Customer support.

Aliases Setup

When setting up the connection, the path to the database is always given from the perspective of the server. For easier setup, an alias is created for the client - a name which a database file refers to. This is done in the aliases.conf file. The syntax is:

name = full_path_to_file

For example:

auditdesktop = c:\databases\auditdesktop.fdb

In this way, rather than using the full path, you can use auditdesktop as a path to the database.

Configuration

Depending on some of the features of the connection type, the security requirements, optimisation, or the presence of another instance of Firebird, additional configuration may be necessary. The configuration file is firebird.conf. You can edit the file with a text editor.

Network Settings

Settings related to network.

Port setup

If you have another instance of Firebird, you must change the port which establishes the link (if the instance is using a standard port).

The default port is 3050. The link is done using TCP protocol. To change it, use the parameter RemoteServicePort.

To remember more easily, you can use similar ports, such as 3150, 3250 or 30501, 30502, etc.

For example:

RemoteServicePort = 3150

Message port setup

Under restrictive firewalls or when the port is given as an exception, rather than the application in the OS Firewall, you must set up a port for the message exchange between the server and the client. By default, a random port is used.

The option is RemoteAuxPort. The default value is 0. You can use ports 3051 or 3151, depending on whether the main port is 3050 or 3150 (the values are given as convenient examples, they are not mandatory to use).

RemoteAuxPort = 3051

Local configuration

When there are other instances of Firebird and a local protocol (LOCAL) is used for connection to the server, it is necessary to change the parameter IpcName. The default value is FIREBIRD.

For example:

IpcName = FIREBIRDECK

Using NetBEUI

If NetBEUI protocol is used and there are other instances running, RemotePipeName must be changed. By default, it is interbas.

Security Settings

Access to database

In Firebird, limits can be set regarding the database location, i.e. where the database can be located. The client can choose where to restore a database, which is considered a potential threat - if the server process has higher access rights, the database can be created in the wrong place. The limitations are created by adjusting the DatabaseAccess parameter. The options are Full, Restrict, and None. Full is used by default.

• Full - full access, no limits on the method of use
• Restrict - folders that can be used to store databases must be indicated. The listed folders are separated with a semicolon (;)
• None - only aliases can be used

Depending on the client requirements, it is recommended that the Restrict or None option is used. This depends on whether the client works mainly with aliases or with determining a path to the database.

DatabaseAccess = None

External files

The databases can also use external files. The setup options are the same as those for database access. Currently, AuditDesktop databases do not use external files and it is desirable in this case that the setting to be None (it is such by default).

ExternalFileAccess = None

Authentication

Firebird supports the following methods of authentication (Authentication parameter)

• native - uses the name and password defined in the server
• trusted - uses the current user's Windows access rights to login
• mixed - uses a combination of the above

The current version of AuditDesktop supports both native and Windows users. If you want to use Windows/Active directory users, you must change the parameter to mixed:

Authentication = mixed

Optimisation

In cases of large amounts of data, number of connections, etc., you can change some parameters concerning the usage of system resources. Depending on the available resources, you can change some values to increase productivity. Sample configuration files with optimised cache parameters can be found at the following address: http://ibsurgeon.com/en/optimized-firebird-configuration/.

Cached pages

Number of cached pages for each database. By default, ClassicServer uses 73 and SuperServer 2048.

DefaultDbCachePages = 9999

System cache size

What percentage of memory to use for caching data. The default is 30. The value must be 10-95;

You can set the value depending on the amount of free RAM and what the server is mainly used for.

FileSystemCacheSize = 30

Temporary data

Used for sorting and temporary data. The default value in ClassicServer is 8MB. The value refers to any client/connection/server.

• for 32-bit server

TempCacheLimit = 8388608

• for 64-bit server

TempCacheLimit = 967108864

• other parameters for temporary data

TempBlockSize = 2048576

Processor cores used

When using SuperServer, the first processor core is used by default. The value is set as 1 - first core, 2 - second one, 3 - first and second ones, 5 - first and third ones, and so forth. Setting more cores in a SuperServer is effective only if two or more databases are used.

CpuAffinityMask = 1

Other parameters

LockHashSlots = 11011

Database Setup

The database can be copied to the server in several ways:

• while installing AuditDesktop - when the installation of the program is done on the server, there is an option that allows copying the database file in a specific folder
• by copying the database file in a specific folder - usually the file has an fdb extension. It is performed by simply using the Copy function of the respective OS
• by restoring the database from a client installation. Since version 1.2.6, the client installation can create and restore backups to and from the local workstation. To do so, select the GBAK option when restoring and specify the file on the local computer

Regardless of the creation method, you have to ensure that the Firebird process has appropriate access rights to use/create database files. In other words, the user that starts the service must have sufficient access rights to read, modify, and possibly create database files.

When working with AuditDesktop, it is not necessary for clients to see the database file on the network, i.e. it does not have to be shared. To ensure a higher security level, sharing the FDB file on the network is not desirable.

Program Files

One way to use the program is by installing it in a shared folder. In this case, it is preferable that the database is not installed in the same folder or in its subfolders.

If you want all users to share the same configuration, when you edit the database connection setup, select the Application folder option in the Database connection configuration. After the settings are saved, the following file will be created in the Application folder: auditdesktop.xml. In this case, all users who start the program from the shared location, will see this setting.

If nothing else is needed, share the folder as Read-only. Only people responsible for configuration and updating will have editing permissions on the folder (if that is not performed only by the server).

Summary

The following principles should be observed during installation:

1. The server installation should not interfere with the normal operation of other systems. For this purpose:
   
   1. Check if other instances of Firebird or InterBase are present.
   2. If present, and you are unsure whether they are free or whether they can be updated, install a new instance manually and make the appropriate changes.
2. Observe the installation principles of software products in the respective operating systems - for example, do not install database files in Program Files.
3. Think of the client's data security.
   
   1. The database file should not be visible and accessible on the network to all users, but only to those with appropriate permissions, unless the client wishes otherwise.
   2. Secure the location option of databases.
   3. If the clients use the program from a shared folder and do not need full access, share it as Read-only. In this way, if someone infects the program files, other users will not be affected.
   4. Do not install the database in a shared folder or its subfolders. If required to do so, ensure that it is not accessible on the network.
4. Inform the client where the databases are.
5. If the client has employees who are responsible for administering the system, inform them what is installed, what network resources the server uses, and where the databases are.