Before installing FotoWeb 7.0 on your server:
1. Make sure the server meets the system requirements outlined in the previous topic.
2. Configure your network settings.
3. Install FotoWeb your server and configure it using the FotoWeb Admin Console. (Future versions of FotoWeb will support full administration through the Operations Center web interface.)
The details surrounding these steps are outlined below.
Since FotoWare 7.0 Service Release 2, the installers automatically take care of installing the required components on the server.
Having set up IIS you should make sure the server allows incoming client connections and that FotoWeb can communicate with the log server.
Communication between FotoWeb and its clients uses TCP port 80, the regular HTTP port, which must be opened in the server's firewall and in any proxy that stands between the FotoWeb server and the external network.
You will also need to open TCP port 7000 to allow system administrators to access the site through the Operations Center. If the FotoWeb server is placed in a DMZ, you will have to open port 7000 for administrators on your internal network.
To make it easy for administrators and operators to access the Operations Center and the configuration panels for all installed server applications, we recommend that you enable single sign-on. This is achieved by using Internet Explorer as your web browser and adding the Operations Center server to your list of local intranet sites.
Also, as previously stated in the system requirements, FotoWeb communicates with the FotoWare Log Server using UDP port 7000. You should therefore make sure that no other services on the server claim this port and interrupt the logging service. Microsoft's DNS server can typically interfere with this port since it can be configured to use an arbitrary port. Hence, if you are using Microsoft's DNS server, you should make sure that it has been explicitly set not to not allow connections on UDP port 7000.
FotoWeb requires the Index Manager search engine to allow advanced metadata searches. Communications between these two server applications is based on the FotoWare Protocol, which by default runs on port 7000. The FotoWare Protocol allows FotoWeb to pass searches and edit metadata on the files in the archive without having physical file access, since it is Index Manager that performs these operations on the file level.
However, FotoWeb relies on direct file access over SMB for downloads and workflows as well as for high-resolution zooming of files in the archive. Hence, the process account set on the FotoWeb server should have access to the share containing the archived files. For the specific access permissions required, please refer to this topic: Permissions on Indexes and Archives
When installing FotoWare server software on a Windows 2008 server, the default User Access Control settings on the server may need to be modified by changing a setting in the Local Security Policy. An explanation will be in order:
As outlined in the System Requirements, the process account that is used for accessing files on the server or domain needs to be a member of the local Administrators group on the server where the FotoWare software is installed. It also needs to be a member of the FotoWare Administrators group that is created on the server during installation of the Operations Center. (The Operations Center installer will automatically put all members of the Administrators group into the FotoWare Administrators group. You can remove users that you do not want to be able to configure FotoWare services by manually removing them from the FotoWare Administrators group after installation.)
However, Windows Server 2008 has different User Access Control settings for the built-in Administrator account than other users that are subsequently added to the Administrators group. Specifically, the built-in administrator does not need to validate administrative tasks (what Microsoft calls "Admin Approval Mode"), while users that you manually add to the Administrators group will need to do so by default.
Hence, if you create a new user on the local server, or a domain user for that matter, that you add to the Administrators group and the FotoWare Administrators group, this user will by default have Admin Approval mode switched on. This will interfere with the FotoWare services causing them to malfunction, so you will need to modify the Local Security Policy on the server to disable Admin Approval mode for all administrators. A step-by-step explanation follows. You can change this setting either before you install the FotoWare software or after, but you will not be able to configure or successfully run the FotoWare services until you have done so.
Open the Windows Menu (Start Menu) and choose Administrative Tools | Local Security Policy
Expand Local Policies, then click on Security Options.
Scroll down to near the bottom of the list where you find an entry called User Access Control: Run all administrators in Admin Approval Mode.
Double-click this entry and change its setting to Disabled. Then click OK to save the changes.
Restart the server for the changes to take effect.