Configure
Perform the steps in this section if you are installing Lynx for the first time.
Step 1: Edit and run the PowerShell script
Locate the PowerShell script (C:\Program Files (x86)\HealthCast\Lynx\Lynx.Config.ps1) on the server on which the Lynx software is installed. Edit the following two lines to provide values specific to your environment:
$certificateThumbprint = "your-cert-thumbprint" *mandatory
$port = 443 **change this value if needed. If you change this value, you’ll also need to change it in the config.ini file (see below).
Note: The certificate thumbprint can be found by opening the “Certificates – Local Computer” app (certlm.msc), Personal, Certificates folder. Then, double-click the certificate you wish to use and click the Details tab and find the “Thumbprint” value.
Note
The PowerShell script binds the certificate to the port you choose to make it possible to enforce the SSL requirement. It also creates the necessary firewall rule.
Step 2: Edit the INI file
Lynx comes with a default configuration that may be suitable for your situation. However, if you need to configure any Lynx parameters, you may do so by following these steps:
Stop the HealthCast Lynx service.
Make a copy of the sample-config.ini file in the C:\ProgramData\HealthCast\Lynx folder. Save the copy in the same folder but call it config.ini.
Edit config.ini to change settings (see example config.ini file below).
Save the settings.
Start the HealthCast Lynx service.
(Example) Lynx Configuration Settings:
ServerPort=443 * the same port configured in the Powershell script
DatabaseType=0 * 0=Embedded database, 1=SQL Server database (see below)
DatabaseServer=SqlServerName * if using SQL Server, the name of your database server
DatabaseName=MyDatabase * if using SQL Server, the name of the database
RequireAdminRole=true * if true, then logging into Lynx Admin web app will be restricted to only those users who are members of the AD group which is specified by the AdminRoleName setting (see below)
AdminRoleName=Lynx Admins * the name of the Lynx admins group (see below)
ProxCardTableType=0 * 0=Lynx proxcard table, 1=pre-XA 4.11, 2=XA 4.11 and above
RequireAdminRole and AdminRoleName
When RequireAdminRole is set to true, then Lynx will only allow those users who are members of the Windows group specified in the AdminRoleName setting to log into the Lynx Admin web app. If the RequireAdminRole setting is false, then anyone with a valid Windows login will be able to login to the Lynx Admin web app. These two settings only affect who can log in to the Lynx Admin web app. They do not affect who can use their prox card, etc.
Database Type
Embedded database | Lynx comes with an embedded database that is suitable for smaller deployments, PoC, and demo environments. When you use this option there is no need to have a separate database server because Lynx will instead store data in its embedded database file. This makes deployment easier and less expensive but does not provide a highly-available environment and may be at risk of data loss if the embedded database file is corrupted or deleted. All that is necessary to use this option is to set the DatabaseType setting (in the config.ini file) to 0. When the DatabaseType is set to 0, the DatabaseServer, DatabaseName settings are ignored. |
SQL Server database | Lynx will also work with SQL Server (see Requirements), with or without also using ExactAccess (XA). If you are installing Lynx to use in conjunction with ExactAccess (XA) then Lynx should be configured to use the same database as XA. To configure Lynx to use the same database as XA, use these settings in config.ini: DatabaseType=1 DatabaseServer=<XA database server name> DatabaseName=<XA database name> ProxCardTableType=1 (pre-XA 4.11) or 2 (XA 4.11 and above) |
Note
If you will be using an embedded database, you can skip steps 3, 4, and 5 and go directly to Test.
Step 3: Configure the SQL Login
If you are using SQL Server, you will need to create a new Login for the Lynx service account login if you haven’t already done so. (Note: if you don’t have admin privilege you will need to enlist the help of your sysadmin or DBA).
Select the Security folder, Logins, and right-click "New" Login.
Fill in the Login name using the Lynx service account.
Select User Mapping and check the Proximity Card Database you’re going to use.
Check the db_datareader and db_datawriter roles (unless you’re using Windows Authentication, in which case the db_owner permission is set with the ExactAccess configuration, and the account will not require the additional permissions).
Step 4: Run the SQL script to create the database tables
If using Lynx with ExactAccess (XA), locate the XA database on the SQL server and note the name of the XA database. Otherwise, create a database on the SQL server and note the name.
Using SQL Server Management Studio, open the SQL script (C:\Program Files (x86)\HealthCast\Lynx\CreateDB.sql) and change the name of the database in the first line of the script to the appropriate database name.
Execute the script (and refresh the tables list to make sure the tables were created).
Step 5: Configure the Lynx Service ‘Log On As’ Account
Open the Services Console (Control Panel, Administrative Tools, Services).
Locate and double-click the HealthCast Lynx service to open the Properties dialog box.
Click the Log On tab, then select “This account”.
Enter the name and password of the account you are going to use to connect to the database.
Important
If you are planning on configuring Lynx to enable Self-Service Password Reset (see the “SSPR” section under Settings for more detail) you will also need this account to be one with sufficient domain privilege to be able to reset passwords.
Restart the service. If everything has been configured correctly to this point, then the service should start and will indicate a status of “Running”.