Where is Port\IP documentation for workflow timer service. Bug or expected behavior.

Andrew_Rustad
Champ in-the-making

Our firewall sees the workflow timer service hit random IPs when starting; if blocked, the service fails to start. They seem to serve no functional purpose: if blocked after the service has started, it seems to function normally.


I need to know what these are for and document the firewall requirements, IP ranges or FQDN, ports and the purpose of such connections to be able to use that service for security concerns.


I am having trouble finding such documentation or posts.

1 ACCEPTED ANSWER

Paul_Lloyd
Employee

As Ryan pointed out, some ports may be accessed by the Timer Work Tasks that the Workflow Timer Service is running. However, if you have the Workflow Timer Service Administrator application open when running the service (or if you're starting the service from the Workflow Timer Service Administrator) then there is communication between the Administrator and the Workflow Timer Service itself.

By default the port number for connections initiated from the Workflow Timer Service Administrator is 8900.

This is from the Workflow Timer Service Administrator config file (Hyland.Applications.Workflow.Timers.Admin.exe.config):

And the Workflow Timer Service's config file (Hyland.Core.Workflow.NTService.exe.config):

I suspect the 'random' ports that you are seeing are the ports for the responses to the connections initiated by the Workflow Timer Service Administrator on port 8900. You could confirm this by starting the Workflow Timer Service without the Workflow Timer Service Administrator being open.

9 REPLIES

Ryan_Wakefield
World-Class Innovator

There aren't necessarily any ports or firewall rules that you need to apply to the timer service itself. It really all depends on all of the locations that your different timers are going to be accessing. So for example, if you have a timer for a DIP process, then depending on where those files are located it might be accessing that server, which could be a different IP address than the server with the service on it. On top of that, say it picks up the files and then it needs to run OCR on them and that is on another server, then that IP could be being accessed.


If anything, I would check and see what the errors show as in the Event Viewer as that might give you some more details as to what the root cause might be.

That is incorrect as it is now. If outbound traffic to the internet is blocked, the service will not start.


If it is a configuration somewhere, I need to find where it might be.

I looked at Hyland.Applications.Workflow.Timers.Admin.exe.config, it is also pointing at the local host. The section seems identical to what you posted. I do not see it referencing external resources other than the xml schema whose IP is not reached out to when starting the service. I could not find Hyland.Core.Workflow.NTService.exe.config on the server that service resides on.


The problem is it is initiating unknown traffic to the internet, and does not start when blocked. My boss wants all internet traffic blocked from the server this service is installed on.
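
One way to run the check suggested in the accepted answer and collect the endpoints for a firewall requirements document (an added example, not part of the thread and not Hyland code). The process name is an assumption taken from the config file name mentioned above and is a parameter, as are the sampling time and output path.

```powershell
# Added example: record every TCP peer the timer service process talks to during startup.
# Assumption: the process is named after Hyland.Core.Workflow.NTService.exe.config;
# pass -ProcessName if the service runs under a different executable.
param(
    [string]$ProcessName = 'Hyland.Core.Workflow.NTService',
    [int]$AdminPort = 8900,     # default Administrator port per the accepted answer
    [int]$Seconds = 120,        # how long to keep sampling
    [string]$OutCsv = '.\timer-service-connections.csv'
)

$seen = @{}
$deadline = (Get-Date).AddSeconds($Seconds)

while ((Get-Date) -lt $deadline) {
    foreach ($p in @(Get-Process -Name $ProcessName -ErrorAction SilentlyContinue)) {
        $conns = Get-NetTCPConnection -OwningProcess $p.Id -ErrorAction SilentlyContinue
        foreach ($c in $conns) {
            if ($c.RemotePort -eq 0) { continue }   # listeners and bound sockets have no peer
            $key = '{0}|{1}' -f $c.RemoteAddress, $c.RemotePort
            if ($seen.ContainsKey($key)) { continue }

            # Separate Administrator traffic (port 8900 on either side) from everything else.
            $category = if ($c.LocalPort -eq $AdminPort -or $c.RemotePort -eq $AdminPort) { 'Administrator' }
            elseif ($c.RemoteAddress -in '127.0.0.1', '::1') { 'Loopback' }
            else { 'Remote' }

            $seen[$key] = [pscustomobject]@{
                FirstSeen     = (Get-Date).ToString('s')
                Category      = $category
                RemoteAddress = $c.RemoteAddress
                RemotePort    = $c.RemotePort
                LocalPort     = $c.LocalPort
                State         = "$($c.State)"
            }
        }
    }
    # Polling can miss very short-lived connections; firewall logs remain the
    # authoritative record. This only covers TCP, so DNS lookups over UDP are not listed.
    Start-Sleep -Milliseconds 250
}

$rows = $seen.Values | Sort-Object Category, RemoteAddress, RemotePort
$rows | Export-Csv -Path $OutCsv -NoTypeInformation
$rows | Format-Table -AutoSize
```

Start the script in an elevated session, then start the service, once with the Workflow Timer Service Administrator open and once with it closed. Rows in the `Remote` category that appear in both runs are the connections that do not come from the Administrator.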