Ideagen Luminate logo Ideagen Luminate logo
Navigation
Need help?
Send feedback
Sign in
This page does not meet FedRAMP security standards. Please avoid entering sensitive or classified information. Learn more
Learn more
Learn more

Looking for help?

Common queries

View all

Send us feedback

Megaphone illustration

Before you start

This form is for Ideagen Luminate feedback only. Your submission will not receive a response.

Looking for support? Select the solution you need help with and open a ticket with us.
New article Recently updated

Configuring Please Review 7.0

By Alan Blair
  • Last updated
⌘ K
Search this article
Print this article
Who is this article for?

IT Personnel performing the installation of Please Review.

IT access is required.

Important: This article is part of a series of articles covering the Please Review installation process. Please visit Performing a Please Review 7.0 Installation to view the entire process.

With the database and website configured you are ready to configure the Please Review application.

This article outlines the essential steps to configure Please Review and is split into the following sections:

  1. Rename Template Files
  2. Set File Permissions
  3. Configure Robots.txt
  4. Edit Please Review Configuration File
  5. Set RDB Connection String
  6. Encrypting the Connection String
  7. Next Steps

1. Rename Template Files

A number of configuration files and directories are supplied with a “.template” file extension.

These files should be copied to the created directories and renamed to remove the ".template" extension.

Tip! You may need to set Windows explorer to display file extensions. This can be done on the ribbon.

For each of these files/directories, we recommend you keep the original and make a copy with the “.template” extension removed, rather than simply renaming the original one. In the event of an upgrade you will need to re-apply any changes you have made to these files and this will be easier if you have a copy of the original template as well as the "working" one.

The files to be edited:

Directory File Name
TaraWeb Web.config
Taraweb/app_data/config ReviewTemplates.xml
WebExtensions.xml
Runtime/config Config.xml
Cultures.xml
EventHandlers.xml
FeedbackConfig.xml
ArchiveConfig.xml
RedactionCategory.xml
Taraservice.config
Taraservice.logging.config
Taraweb.logging.config
EmailTemplates (this is a directory)
Note: There are additional configuration files supplied with the product that have different extensions. These are predominantly aimed at the System Connectors. Do not remove any of these file extensions or the Please Review system will not start. If you intend to use any of the system connectors, please ensure the Please Review system is fully operational in Native Mode before adding in any system connectors.

2. Set File Permissions

Please Review requires appropriate file permissions to process running the ASP.NET application pool. This is known as the ASP.NET Identity. The ASP.NET Identity is a member of local server group IIS_IUSRS. This group should not be a domain group so please ensure that you select the local machine and not the domain when finding accounts.

Note: If you are using ASP.NET Impersonation (e.g. because you are using a clustered server configuration), ignore the above and instead set file permissions for the Please Review service account.

To set ASP.NET Identity permissions over the entire Runtime/Data directory tree:

  1. Select the Runtime/Data directory.
  2. Right-click, and select Properties.
  3. Select the Security tab.
  4. Click Advanced.
  5. Click Add.
  6. Click Select Principal.
  7. Type “IIS_IUSRS”.
  8. Click OK.
  9. Check “Allow” next to “Modify” and OK.
  10. Select “Replace all child object permissions with inheritable permissions from this object”.
  11. Click OK.
  12. Click Yes.

To set the ASP.NET Identity permissions over the entire TaraWeb directory:

  1. Select the TaraWeb/Dynamic directory.
  2. Right-Click, and select Properties.
  3. Select the Security tab.
  4. Click Advanced.
  5. Click Add.
  6. Click Select Principal.
  7. Type “IIS_IUSRS”.
  8. Click OK.
  9. Check “Allow” next to “Modify” and OK.
  10. Select “Replace all child object permissions with inheritable permissions from this object”.
  11. Click OK again.
  12. Click Yes.

3. Configure Robots.txt

Important Note: This section is only applicable if you are installing Please Review on a server that can be accessed from the public Internet.

You should ensure that the Please Review URL is known only to those that need to access the system and
is not linked from a publicly available web page.

In addition, it is strongly advised that you configure a robots.txt file in the web root to disallow search
engines from crawling and indexing the Please Review web application (and possibly other web content
on the same server).

If you have configured Please Review to run at a “root” URL e.g. https://pleasereview.company.com, you
will find there is already a robots.txt file in the root of the TaraWeb directory which will suffice. Otherwise
you should create a robots.txt in your web root similar to:

User-agent: *
Disallow: /Please Review

For more information on the robots.txt Robots Exclusion Standard, see http://www.robotstxt.org/ 

4. Edit Please Review Configuration File

The main Please Review configuration file is in the runtime/config directory and is called config.xml. This can be edited with a text editor or XML editor.

Open the file and search for “[[“. This is used to mark values that need to be manually replaced. Replace each marker with its value from the following table. Remove any [[ and ]] markers from the file once the editing is complete.

Parameter Name Notes
[[ConnectString]] The RDB Connection string
[[DatabaseType]] The word “mssql” or “odp.net”, all in lower case
[[EmailServer]] Host name or IP address of your email server
[[RootUrl]] The root URL – do not include a trailing ‘/’
[[LoginTokenKey]] Random characters

The login token key is used when the system generates an email for a user to reset their password or other similar operations. There is a hyperlink for the user to click, and the Login Token Key is a random string of characters used to ensure the URL is identifiable only by the system that generated it. There is no need to record the login token key (it doesn't matter if it gets lost). Just enter 10 to 20 random characters e.g. 4l@7r$532%q3Y?f ensuring that you do not use any of the following characters: double quote ("), ampersand (&) or angle brackets (<>).

5. Set RDB Connection String

The Please Review server uses ADO.NET to connect to the relational database and this requires a connection string which is like that used by other Microsoft database connectivity technologies (ODBC, ADO etc.).

The steps to configure the connection string will vary based on the database platform you use:

5.1. Microsoft SQL Server

The normal format of the connection string for SQL server is:

user id=<userid>;password=<password>;initial catalog=<dbname>; server=<server>

If you are using a database instance, the server parameter is <hostname>\<instance> or .\<instance> if it is on the same machine.

Note: Microsoft SQL Server express uses an instance name of SQLEXPRESS so you should use a server value of .\SQLEXPRESS for this. Please see MSDN for a complete list of the parameters that can be used.

Examples:

SQL Server running on the same server without instances (this is the default if you have installed SQL server standard edition on the Please Review box):

user id=pruser;password=prpwd;initial catalog=pleasereview

SQL Server running on a different server without using instances:

user id=pruser;password=prpwd;initial catalog=pleasereview;server=dbserver

SQL Server express on the same machine:

user id=pruser;password=prpwd;initial catalog=pleasereview;server=.\SQLEXPRESS

5.2. Oracle

For the ODP.NET basic configuration without tnsnames.ora, the normal connection string format is (all on
one line):

Data Source=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=dbserver)(PORT=1521)))(CONNECT_DATA=(SERVER=DEDICATED) (SERVICE_NAME=sn))); userid=pruser; password=prpwd;

Where dbserver is the host name of the oracle server, and sn is the service name.

If you are using some other connection method, the “data source” parameter is the Oracle Net Services
Name (or an easy connect name).

For more information please see Oracle Docs.

6. Encrypting the Connection String

It is possible (but not necessary) to encrypt the database connection string. Note that this is not just encrypting the password – the whole connection string must be encrypted. This encryption process must be run on the Please Review server where it will be accessed.

The connection string is generated using the supplied utility in Runtime/bin called AdminClient.exe.

Select the “Password Encoder” item from the “System Utils” menu.

mceclip1.png

Type the connection string into the top field and press encode and then paste the encoded password into the [[ConnectString]] field in the config.xml file so it looks something like the example below:

<add key="Tara.RDB.ConnectString" value="
AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARDWg2nQPSEO5ngSZemkZnAQAAAACAAAAAAADZgAAqAAAABAA
AADJjD5egol/a9BM4y7+4FFZAAAAAASAAACgAAAAEAAAA_IvQM0h3jiNPbNiootnTWAQAAAAc6jUh5oj
NCzhz7ISCgIRxhQAAACdhrYwNuScuWbPd5ZIubUzEIHvng==" />
Note: The [[ConnectString]] field must be all on ONE line. You may have to remove extraneous line breaks from your copied text before pasting into the config.xml file.

Next Steps

If you have everything in place you are ready to proceed. Please see Installing the Please Review License and Service for the next steps or Performing a Please Review 7.0 Installation to review the entire process.

What do you think about this article?

Your feedback helps us improve

More articles in this section

Looking for more help? Ask the Community

On this page