Two things you need to do:


1.) Add the remote workers to the "trustedHosts" property. Separate multiple entries with spaces. (CS182327<)">https://support.ptc.com/appserver/cs/view/solution.jsp?n=CS182327>)

Example:

xconfmanager -s wt.auth.trustedHosts=192.168.21.27 -p



2.) Add the path to the Creo executable on the remote worker to the "whitelist" property.

Example: (We have the Creo Adapters installed on the "E:" drive in the "ptc" folder)

xconfmanager -s worker.exe.whitelist.prefixes="E:\\ptc" -t codebase/WEB-INF/conf/wvs.properties -p

These are with Windchill 10.2 M020.

Tom U.

Ok that was a missing piece of the puzzle.

What I don't get is where is the server listed in the white list? What if I set up multiple worker machines? How does it know which machine that path is on?

I'm going to have a doc worker with LiveCycle on one windows machine and a CAD worker on another windows machine.

David Haigh

If you really want to you can specify the hostname in the whitelist. Instead of using "worker.exe.whitelist.prefixes", use "worker.exe.whitelist.prefixes.<host name=">". This way you can specify a unique location on each host. (See CS140965<)">https://support.ptc.com/appserver/cs/view/solution.jsp?n=CS140965>)

I didn't bother to do this since all workers defined by "trustedHosts" have the Creo adapters installed in the same location on their respective machines.

Tom U.

On 03/23/15 15:34, Haigh, David A. wrote:
>
> Ok that was a missing piece of the puzzle.
>
> What I don’t get is where is the server listed in the white list? What if I set up multiple worker machines? How does it know which machine that path is on?
>

It doesn't know or care. The whitelist is merely a list of "whitelisted" commands or prefixes that are suitable to run on any worker machine. Which machine the command(s) are run on is setup when you configure the worker.

> I’m going to have a doc worker with LiveCycle on one windows machine and a CAD worker on another windows machine.
>
> David Haigh
> Phone: 925-424-3931
> Fax: 925-423-7496
> Lawrence Livermore National Lab
> 7000 East Ave, L-362
> Livermore, CA 94550
>
> *From:*Uminn, Tom [mailto:-]
> *Sent:* Monday, March 23, 2015 12:04 PM
> *To:* Haigh, David A.; -
> *Subject:* [solutions] - RE: Dummys Guide to Whitelist Setup in 10.2 ???
>
> Two things you need to do:
>
> 1.)Add the remote workers to the “trustedHosts” property. Separate multiple entries with spaces. (CS182327 <)">https://support.ptc.com/appserver/cs/view/solution.jsp?n=CS182327>)
>
> Example:
>
> xconfmanager -s wt.auth.trustedHosts=192.168.21.27 -p
>
> 2.)Add the path to the Creo executable _on the remote worker_ to the “whitelist” property.
>
> Example: (We have the Creo Adapters installed on the “E:” drive in the “ptc” folder)
>
> xconfmanager -s worker.exe.whitelist.prefixes="E:\ptc" -t codebase/WEB-INF/conf/wvs.properties -p
>
> These are with Windchill 10.2 M020.
>
> Tom U.
>
> *From:*Haigh, David A. [mailto:-]
> *Sent:* Monday, March 23, 2015 2:33 PM
> *To:* Haigh, David A.; - <">mailto:->
> *Subject:* [solutions] - RE: Dummys Guide to Whitelist Setup in 10.2 ???
>
> I guess I should point out I’m on Windows so I guess the unix command nohup isn’t needed.
>
> Also the worker machines are not on the windchill server so the examples they give of C:\|D:\|G:\| don’t really tell me what I need to know to specify a separate worker machine.
>
> I’d also like the command syntax for the windchill shell to set this up.
>
> David Haigh
> Phone: 925-424-3931
> Fax: 925-423-7496
> Lawrence Livermore National Lab
> 7000 East Ave, L-362
> Livermore, CA 94550
>
> *From:*Haigh, David A. [mailto:-]
> *Sent:* Monday, March 23, 2015 11:14 AM
> *To:* - <">mailto:->
> *Subject:* [solutions] - Dummys Guide to Whitelist Setup in 10.2 ???
>
> OK, PTC sent me a link to https://support.ptc.com/appserver/cs/view/solution.jsp?n=CS140965
>
> I looked at the 10.2 install guide and read the following information in wvs.properties.xconf file.
>
> I’m confused.
>
> Does someone have a dummy’s guide to setting this up?
>
> Assume I have three workers where the machine names are*Barney*, *Fred*, & *Stonequarry*.
>
> Step by step How would I set this up?
>
> I assume I’m doing this in the windchill shell.
>
> From the wvs.properties.xconf file:
>
> ===========================
>
> **************************************************************************
>
> * WORKER EXECUTABLE PREFIX SETTINGS *
>
> **************************************************************************
>
> The following properties specify the trusted worker startup commands or their prefixes. If
>
> the executable of a worker matches one of the commands or prefixes listed, the worker is
>
> eligible for auto-start by the Worker Agent. Otherwise, it is not eligible for auto-start.
>
> If a worker command is to be specified in the list, then the complete worker startup command,
>
> not just a portion of it, should be included. For example:
>
> nohup /usr/object_adapters/10.1/cadds/caddsworker &
>
> If a prefix of a worker command (or commands of workers installed under the same directory)
>
> is to be specified in the list, the prefix must end with a name of a directory. For example,
>
> if one of the prefixes in the whitelist is
>
> nohup /usr/object_adapters/10.1
>
> a worker whose exe is "nohup /usr/object_adapters/10.1/cadds/caddsworker &" (or any worker
>
> whose exe is prefixed with "nohup /usr/object_adapters/10.1/") is eligible for auto-start.
>
> But a worker with an exe of "nohup /usr/object_adapters/10.1x/cadds/caddsworker &" or
>
> "/usr/object_adapters/10.1/cadds/caddsworker &" will not be eligible for auto-start.
>
> The vertical bar (pipe) character is used as a delimiter to separate multiple worker commands
>
> or prefixes in the property value. For example:
>
> D:\apps\remoteworkers|nohup /usr/object_adapters/10.1/cadds/caddsworker &
>
> -->
>
>
>
>
>
>

So this worker.exe.whitelist.prefixes.<worker_host>=<prefixes>

I would configure like this? (for workers called stonequary & flintstone)

xconfmanager -s worker.exe.whitelist.prefixes.stonequary="C:\ptc\creo_view_adapters\proe_production" -t codebase/WEB-INF/conf/wvs.properties -p
xconfmanager -s worker.exe.whitelist.prefixes.flintstone="C:\ptc\creo_view_adapters\doc_production" -t codebase/WEB-INF/conf/wvs.properties -p

David Haigh

Close. Backslashes in the path have to be entered twice "\\". When viewing the property (xconfmanager -d ...) it will only display them once.

Again, keep in mind, you probably don't need to whitelist quite so deep. All this is doing is telling Windchill that it may only run executables if they exist in this path.

Tom U.

Ok so as Randy pointed out I wouldn't then need to configure this for both servers.

xconfmanager -s worker.exe.whitelist.prefixes="C:\\ptc" -t codebase/WEB-INF/conf/wvs.properties -p

I started printing out sections of the Visualization Services Guide. Instead of giving the users examples and why, they seem to go into all the detail I don't really need, and skip the how and why of different configuration options.

Your one phrase, "All this is doing is telling Windchill that it may only run executables if they exist in this path." Told me more than I'd figured out from what I've read so far.

David Haigh