
Where is Port\IP documentation for workflow timer service? Bug or expected behavior?

Andrew_Rustad
Champ in-the-making

Our firewall sees the workflow timer service hit random IPs when starting; if blocked, the service fails to start. They seem to serve no functional purpose: if blocked after the service has started, it seems to function normally.


I need to know what these are for and document the firewall requirements, IP ranges or FQDN, ports and the purpose of such connections to be able to use that service for security concerns.


I am having trouble finding such documentation or posts.

1 ACCEPTED ANSWER

Paul_Lloyd
Employee

As Ryan pointed out, some ports may be accessed by the Timer Work Tasks that the Workflow Timer Service is running. However, if you have the Workflow Timer Service Administrator application open when running the service (or if you're starting the service from the Workflow Timer Service Administrator) then there is communication between the Administrator and the Workflow Timer Service itself.

By default the port number for connections initiated from the Workflow Timer Service Administrator is 8900.

This is from the Workflow Timer Service Administrator config file (Hyland.Applications.Workflow.Timers.Admin.exe.config):

And the Workflow Timer Service's config file (Hyland.Core.Workflow.NTService.exe.config):

I suspect the 'random' ports that you are seeing are the ports for the responses to the connections initiated by the Workflow Timer Service Administrator on port 8900. You could confirm this by starting the Workflow Timer Service without the Workflow Timer Service Administrator being open.


9 REPLIES

Mike_Walkuski
Employee

Hi Andrew,


If you are seeing it hit specific IP addresses and the service won't start if they are blocked, then I am thinking that this is the Timer Service trying to verify the integrity and authenticity of the executable against Microsoft's signing servers.


I would recommend reaching out to your first line of support as they can help you in determining if this is the case as well as provide more information on the code signing process.

Andrew_Rustad
Champ in-the-making

Some of the IPs I see it reaching out to when starting the service are:


8.252.36.254


23.5.251.27


8.250.235.254


8.253.133.120


8.252.68.126


Whois reveals either noanet or level3, both big companies, so those IPs could be anything. Nslookup isn't revealing their identity either.


The code signing process might make some sense, but I still need a way to prove it.


We have no external resources the timer services should be accessing that I can discern.
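
One way to test the code-signing hypothesis raised above, as an added example that is not part of the original thread or of Hyland's documentation: the PowerShell below lists the CRL and OCSP hosts named in the service executable's Authenticode certificate chain and resolves them, so they can be compared with the destinations in the firewall log. The install path is a placeholder and must be replaced with the real location of the binary.

```powershell
# Placeholder path (assumption): point this at the installed service binary.
$exe = 'C:\Path\To\Hyland.Core.Workflow.NTService.exe'

$sig = Get-AuthenticodeSignature -FilePath $exe
if (-not $sig.SignerCertificate) {
    throw "No Authenticode signature found on $exe"
}

# Build the chain with revocation checking off, so this script itself
# does not generate the outbound traffic being investigated.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode =
    [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
[void]$chain.Build($sig.SignerCertificate)

# 2.5.29.31         = CRL Distribution Points
# 1.3.6.1.5.5.7.1.1 = Authority Information Access (OCSP, CA issuers)
$oids = '2.5.29.31', '1.3.6.1.5.5.7.1.1'

$endpointHosts = foreach ($element in $chain.ChainElements) {
    foreach ($ext in $element.Certificate.Extensions) {
        if ($oids -contains $ext.Oid.Value) {
            # Pull every http(s) URL out of the decoded extension text.
            [regex]::Matches($ext.Format($true), 'https?://[^\s,)]+') |
                ForEach-Object { ([uri]$_.Value).Host }
        }
    }
}

# Resolve each revocation endpoint to its current A records.
$endpointHosts | Sort-Object -Unique | ForEach-Object {
    $name = $_
    Resolve-DnsName -Name $name -Type A -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' } |
        ForEach-Object {
            [pscustomobject]@{ Host = $name; IP = $_.IPAddress }
        }
}
```

Revocation endpoints are commonly served from CDNs whose addresses change, so matching host names against the firewall's DNS or proxy logs is a stronger confirmation than matching raw IPs.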



I am thinking that it is definitely the code signing verification process. At this point, go ahead and reach out to your FLOS and they can help you investigate further to confirm that.

Will do. My boss is now telling me he doesn't want any outbound traffic to the internet, it should only be accessible either way from our internal\partner network. So I must find a way to disable that function, we use the service primarily for collecting scanned documents.

When disabling internet the services are not running, including the workflow timer service. I am suspecting hitting the same bug. We are ob17 sp1.

What was the resolution in your case? And your OnBase version?