Important considerations when running the MS Windows Services

There are several very important things to keep in mind when running the Schema Engine MS Windows Services. Most of them have to do with HOW Microsoft Windows Service applications run and the different user security configurations possible in the different MS Windows operating systems. You see, MS Windows Services are run in their own memory space by the operating system and usually under a different 'User' context than your own Windows/Network User ID. This can sometimes create confusion and might cause some conflicts which are not readily apparent. If you do have issues the symptoms are usually that the processors run fine when running locally BUT do not work when running as a service.


1) Installing or Removing the Schema Engine services (see Running as a Service). When performing either of these actions you MUST be logged into Windows with a User ID with sufficient 'security' rights to allow this. If you try to install or remove the services and the action fails contact your system administrator for assistance.


2) MS SQL Server security. If you selected 'Windows Logon (Trusted)' when you created your database schemas then not only must you be logged into Windows with a User ID that actually HAS a trusted connection to the database but the Schema Engine Windows Service(s) must ALSO be configured to run under the context of a Windows User ID which has a trusted connection to the SQL Server AND appropriate access to the Schema Database and Tables. See the image below.


Windows Service List

Note the 'Log On As' property of each service


2 continued) We recommend that if at all possible you use the 'SQL Server User ID' option when creating your schema profiles which means that the Schema Engine will use MS SQL Server security when connecting to the SQL database. Speak with your DBA if you are unsure how to do this. If you are not able to use a MS SQL Server user id then you MUST configure each of the Schema Engine services to run under the context of a Windows/Domain user which does have a trusted connection to the database. To do this, right click on each service and select 'Properties' and then fill out the 'Log On' tab with the appropriate information.


3) Using Network Shares. We strongly recommend that when selecting the 'Data Folder' in your inbound and outbound processor profiles that you use only folders on LOCAL hard drives. If you MUST use network folders then you must keep in mind the following:

Just like item 2 (MS SQL Server security) you have to keep in mind that IF you use a network share that the Schema Engine Windows services MUST run as a Network User who actually has access to that network share.

Avoid using 'Mapped' drive letters whenever possible. Mapped drives are stored in a user login script and using them only adds to the list of things that can go wrong when the service runs. Example: instead of selecting "P:\HL7\SQL Inbound" browse to the share in 'Network Places' and select the folder there so that it's "\\Server1\Public\HL7\SQL Inbound".