Administrator Handbook | Table of contents |
Read software and hardware prerequisite if not already done!
IMPORTANT: We strongly recommend to run the product LoriotPro on a system dedicated to this only usage. LoriotPro is a multitasking software that can used intensively, depending on the size of the monitored infrastructure, the system resources (CPU, memory, disk and network access) on which it is installed. Third party sofwtares that interact with the operating system, such as anti-virus and remote takeover software can degrade drastically LoriotPro operating performance.
Before installing LoriotPro and use, it is essential to meet the following conditions:
After installation and before starting, it is essential to meet the following conditions:
LoriotPro is provided as an executable file and can be downloaded on www.loriotpro.com.
The name is linked to the version and is coded to enable better version maintenance and updates.
Run the executable file by right clicking on the file from your preferred Windows environment in either an Explorer window or on the Desktop.
Use the Run as administrator option to be sure that the installation will be done at the administrator level
Note: If the logo is attached to the icon of the program runs by default with administrator privileges.
The installer appears (here in the example for the Broadcast Edition). The visuals may change from one edition to another.
The installation program will ask you to read the license conditions and terms and accept them before continuing.
The software will not be installed if you do not agree with the license terms. After that, you must choose the subdirectory where to install it.
After installation, you have the LoriotPro V8 icon on the desktop
On Windows Server 2010 and Windows 8/10 new tiles are available
One icon is for starting LoriotPro, the other is for uninstalling it.
Disable user account control - UAC
User Account Control (UAC "control user account") is a data protection mechanism introduced in Windows operating systems since Vista release.
The members of the local Administrators get two access tokens at the system level.
One that encompasses all rights and privileges as a administrator, the second derivative of the first that contains standard user privileges.
By default, if UAC is enabled, the filtered token that is used prevents LoriotPro to run completely.
If UAC is enable a window like this one asks you to log in as administrator
To avoid this doll to disable UAC
In the Control Panel, select User Accounts and then the option: change user account control.
It is also possible to disable UAC in the registry.
Access the registry with regedit and
locate the following key:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System
In the right pane change the key "EnableLUA" to assign the value "0".
Note: You must restart the computer for the change to take effect.
Disabling real time AntiVirus software
Antivirus software runs as a background task on computers, checking in real time every file opened by applications.
The critical issue of this real-time monitoring performs by the antivirus is the drop of performance for LoriotPro when accessing files
LoriotPro must write in the log files in real time and the antivirus slows down unbearably the access. The antivirus should indeed monitor all writing in files and find the footprint of virus from a base whose size is increasing day by day.
While it is still possible to keep the real-time protection with antivirus when LoriotPro monitors a smaller infrastructure, it becomes prohibitive if performance is sought and if the log flow is important.
It is therefore necessary to disable the Real Time scan or exclude from scanning the LoriotPro executable as in this example with antivirus Microsoft Security Essential.
LoriotPro is installed in a single directory, which contains program files and data files as well as configuration files. This initial choice does not respect current Microsoft recommendations, but simplifies product maintenance and backup. In contrast, access rights issues may arise especially if you choose to install the program in the "Program Files" directory.
If you decide to install LoriotPro in "Program Files" you might need to add privileges for the user that is used to run the program. By default LoriotPro must be installed and use the Administrator.
Microsoft introduced with Windows Vista (UAC) some security features for any non-Administrator programs. If such programs try to write to protected locations such as "Program Files" they will get their writes caught and redirected to an alternative "user friendly" location.
To know and define the rights of the program LoriotPro on its directory of installation it is necessary to identify the user used by the program when it is executed.
To know the Windows user used by the LoriotPro program several methods are available.
Beforehand, the LoriotPro program must be started and executed.
Command Line : tasklist /FI "WINDOWTITLE eq LoriotPro*" /V
With the Task Manager option: Detail
Knowing the user it is necessary to check the effective rights of this user on the directory of installation of LoriotPro.
Select the directory (in the example below c: \Program Files\ LUTEUS\LoriotPro V8\)
Open the Properties of the directory then select the Security tab. This window shows that the Administrator group has full control rights on the directory. But be careful not to confuse the group and the user, the user might have more restricted rights. It is necessary to verify to be totally safe the user's actual rights.
Click on the Advanced button
Select the Effective Access tab
Select Select User and enter the previously discovered user name with TaskList
Select Check Name to verify that this user exists
Exit with Apply and OK
Show effective rights with the View effective access button
It can be seen that the Administrator user who is a member of the Administrators group inherits its rights to the directory. Full control is required for the LoriotPro application.
It can be seen that the Administrator user who is a member of the Administrators group inherits its rights to the directory. Full control is required for the LoriotPro application.
When compiling LoriotPro V8 the option Administrator privilege mode was imposed.
The icon present for the executable file of LoriotPro indicates it by its attached shield.
If you run the program when you do not have this privilege level then the following window opens asking you to log in as Administrator.
Applications written with the assumption that the user will be running with administrator privileges experienced problems in earlier versions of Windows when run from limited user accounts, often because they attempted to write to machine-wide or system directories (such as Program Files) or registry keys (notably HKLM).
The user account control (UAC) tries to manage this using File and Registry Virtualization, which redirects writes (and subsequent reads) to a per-user location within the user’s profile.
For example, if an application attempts to write to “C:\program files\appname\settings.ini” and the user doesn’t have permissions to write to that directory, the write will get redirected to “C:\Users\username\AppData\Local\VirtualStore\Program Files\appname\settings.ini”.
Regarding the Firewall of the Windows operating system, if it is active at the launch of LoriotPro many alerts like these may appear.
It is therefore recommended to have a total functioning of LoriotPro to disable the Firewall.
In addition, the Firewall must inspect the incoming and outgoing flows which can be very consistent with LoriotPro on large configurations. Packet analysis by the firewall adds processing time (RTT) and load on the processors that can seriously impair the functionality of LoriotPro or even render it inoperative. This is all the more true for the BROADCAST EDITION which can do real-time processing and send packets over periods of order of the second.
If the firewall is to remain active, here is the list of ports that must be opened to a minimum to ensure that LoriotPro works properly.
Source IP | Source Port |
Protocol |
Destination IP |
Destination Port |
LoriotPro |
All |
UDP/SNMP |
All |
161 |
All |
161 |
UDP/SNMP |
LoriotPro |
All |
LoriotPro |
All |
UDP/SNMP Trap |
All |
162 |
All |
All |
UDP/SNMP Trap |
LoriotPro |
162 |
LoriotPro |
All |
UDP/Event |
All |
5001 |
All |
5001 |
UDP/Event |
LoriotPro |
All |
LoriotPro |
All |
UDP/Syslog |
All |
514 |
All |
All |
UDP/Syslog |
LoriotPro |
514 |
All |
All |
TCP/HTTP |
LoriotPro |
8010 |
LoriotPro |
8010 |
TCP/HTTP |
All |
All |
Note that the port on WEB server is 8010 by default. Adjust the rules of the firewall accordingly.
www.loriotpro.com |
|