Preparing the server computer

Last update 2023-10-12

The server computer does not have to be dedicated exclusively to PDXpert, although sharing hardware resources with other applications and functions may affect system performance.

• Ensure that your server computer conforms to the server system requirements.

• Operating system configuration: §

  • Where the Windows user interface is optional, such as Windows Server Datacenter, install the Server with Desktop Experience option. Windows Nano Server, the Windows Server Core install option, or other releases that do not include a desktop GUI are not supported.

  • A personal operating system like Windows 10 / 11 is not recommended as a server OS. It comes with limited concurrent connections, inferior performance, frequent updates, slow restarts, and busy background services and telemetry. Desktop Windows should be considered only for a single-user machine, a light-use test/training/development system, or a very small workgroup's temporary production server. Enterprise LTSC is the "cleanest" version. §

  • PDXpert requires Microsoft .NET Framework. If your system's permission profile could block PDXpert setup's installation of .NET, upgrade your computer manually using the Microsoft .NET Framework installer. §

  • Ensure your computer has the latest Microsoft Windows, .NET and (if needed) SQL Server service packs and updates. Restart your computer after all updates are installed.

  • By default, communications between the PDXpert server and client are encrypted at user log-in by marking the Encrypt my connection to this server option. Ensure firewall TCP ports 48084 and 48086 are open.§

    The perfect forward secrecy protocol uses TCP transport security with Certificate Credentials. Windows Communication Foundation (WCF) determines the encryption level available for PDXpert's communications. The WCF framework automatically chooses the highest protocol available, and can be limited by the Windows and .NET versions on the server machine and on each client machine.

    The combination of PDXpert 12.2 / Windows Server 2012 / Windows 8 / .NET 4.6 (and all more recent versions of these) use TLS 1.2 or higher, while using an older version for any one of these may use an older protocol. If you require a specific TLS level, both server and client Windows must have the necessary configuration settings. See Microsoft Windows and .NET Support for TLS 1.2.

    Beginning with .NET 4.8 and PDXpert 15.0, TLS 1.3 is supported. Windows Server 2022 and Windows 11 enable TLS 1.3 by default. For older Windows 10 clients, ensure that TLS 1.3 is enabled: In Windows 10, search for and then open Internet Options. In the Internet Properties window, select the Advanced tab. Find and mark the Use TLS 1.3 option.

  • Before enabling the Windows OS option for the U.S. Government's Federal Information Processing Standard 140 ("FIPS mode"), review the note here. §

  • The PDXpert Filter Service uses Windows Search to index file attachments in the server \Library folder. In Windows Server 2016 and later, Windows Search is disabled by default. See Microsoft's instructions to enable the service. §

• Storage device use:§

  • Do not use a compressed, network-mapped, backup or other external (e.g., USB) disk for the application or data.

  • To support a practically unlimited number of files in the Library folder, your server's hard disk should be formatted as NTFS.

  • Use a local fixed disk (HDD/SDD) with substantial free space. The "file attachments" library grows much faster than the rate of database (MDF/LDF) growth.

  • Database performance is very sensitive to disk latency and transfer speed; faster is always better.

• Virtual machine use:§

  • The virtual disk must appear as a local drive. SQL Server is disk-intensive: the virtual disk should use the local disk bus located on the same physical server as the VM, or a SAN-based virtual disk must use equivalent performance.

  • Use a fixed-sized disk. Avoid using a dynamically-sized disk — this may cause significant delays when the database or library reaches the disk's limit, and performance degrades because the data is highly fragmented.

• Internet connection:§

  • During installation, PDXpert may download Microsoft .NET Framework and Microsoft SQL Server Express. If your system does not have access to the Microsoft.com website, then you must manually install/upgrade using the Microsoft .NET Framework installer and follow the Custom installation: SQL Server instructions.

  • PDXpert connects to the internet to authenticate the cryptographic signature of the license key.§

    • If your server is connected to the internet, ensure that it can access the certificate authority's validation URL.

    • If your server cannot always be connected to the internet, add the certificate authority's certificate to your server's certificate store.

  • An internet connection is required for direct access to Windows Update and Windows Defender, and to maintain the trusted root certificates list. §

  • A virtual private network (VPN) can noticeably affect performance. Engineering data is bulky; assembly records, CAD files, images & artwork, zip files, and reports/exports are many times larger than most business traffic. §

    • When using your own VPN, disabling client encryption (with open TCP port 48085) may show a minor performance improvement over double encryption.

    • Where the VPN service is routed through a third party, round trips between server and client can be much slower than a direct connection – not so much from VPN encryption, but more often a longer client ► VPN server ► PDXpert server ► VPN server ► client route. Opening a public IP address on the PDXpert server machine, and connecting directly through PDXpert's private VPN on TCP port 48086, may substantially improve the user experience.

• To support latest versions of SQL Server, install the current Windows Installer release.

• Remote access tools like Remote Desktop Services (RDS), Terminal Server/Terminal Services, Citrix® will typically require using the PDXpertClientSetupMPx64-{release}.msi installer.§

  Do not install both the PDXpert Server and a remote PDXpert client on the same machine. A PDXpert remote client installation can conflict with the server's client, preventing upgrades to a new PDXpert release.

  To avoid operational and upgrade conflicts, use only one of these installers on each machine:

  • The PDXpertSystemSetup-{release}.exe is the PDXpert Server, and automatically installs its own client into the machine (All Users) profile.

  • The PDXpertClientSetup-{release}.exe is installed into each user's separate profile.

  • The PDXpertClientSetupMPx64-{release}.msi is installed into the machine profile.

• To minimize incompatibility between network devices, DNS services, operating systems and local languages, assign only ANSI uppercase alphanumeric and hyphen ("-") characters to a server machine name and workgroup or domain name. If you intend to connect your server computer to an SMTP server, this is a requirement per RFC-1123, Section 2.1: <let>[*[<let-or-digit-or-hyphen>]<let-or-digit>]. §

  When using Turkish Windows, avoid using Turkish ı/İ characters in the machine name. Microsoft Windows does not fully support these characters in IDNA implementations prior to Windows 8.1, and some network devices and services may have problems.