Final Phase Systems (FPS) Joins the INFICON Family »
Save the Date! FabGuard User Group Meeting June 4-6, 2019 »
Come See Us at an Event Near You »
FabGuard APC v5.03.00 Release »
Simplifying FabGuard Configuration Backup »
APC Conference 2018: Legacy Control System Replacement »
APC Conference 2018: Integrating 3rd Party Sensors to Reduce Scrap Events Using FabGuard »
Restoring FabGuard Computers for 24/7 Sustaining »
Support for Microsoft OLE DB driver for SQL Server (MSOLEDBSQL) »
The Ticket System is Now HTTPS. Change Your Bookmarks! »
End-of-Life Support for FabGuard Versions and Microsoft Products »
FDC, like all factory systems, requires 100% up time and fast recovery if there are hardware, operating system, or software problems. FabGuard has some tools that make it easier and faster to restore its monitoring, whether it is running on virtual machines or on individual physical computers. A new Web Application Programming Interface (API) also allows a script to programmatically execute the restore function.
FabGuard must have a backup of the configuration to restore from. In 18.11.00, we have removed Backup Configuration tasks from the Executive Tasking System and implemented an automatic configuration backup for each connected IPM. See the article in this newsletter Simplifying FabGuard Configuration Backup for setup.
Here is a simplified description of the current restore function that FabGuard Executive runs based on the last configuration backup:
Note that restore will use the Windows credentials of the currently running Executive, unless specified.
There are a number of things that can block the restore function from completion. Verify that the replacement computer has the following image settings. See FabGuard Help topic “FabGuard PC Configuration Recommendations and Security Settings” for details.
Requirement |
Reason |
Recommendation |
---|---|---|
Windows permissions |
The FabGuard Executive needs to perform Windows Administrator actions to install and configure the target computer. |
Run the FabGuard Executive as the same domain user that all FabGuard applications will use. That user should be a local administrator on the target computer. Alternatively, this user should be in the Domain Admins group which by default is in all local admin groups. |
Windows policies |
Make sure local or group policies do not:
|
Test restore on a new image that has been connected and trusted on the network for at least 24 hours. This ensures that regular update checks and policy changes are captured and applied before fully testing restore. |
Antivirus and Firewall |
Need access to the target computer, to allow changes and run an installer. |
Have exceptions set up to allow FabGuard to run installers and copy files to the new computer. |
PSEXEC and admin$ |
The silent upgrade installer must be run locally, started by Windows System Internals' PSEXEC.EXE. |
Make sure the admin$ share has not been disabled and that psexec.exe is not blocked from running. Do NOT create this share manually, but set the registry to enable and reboot the computer. |
IPM Installation |
Saves time and can have custom share permissions. |
Configure the Parent Path in FabGuard Executive >> Global Preferences >> Miscellaneous >> IPM Installation Parent Path. |
RemoteRegistry Service |
The InficonRegistry.hiv must be restored using the RemoteRegistry service. |
It is preferred to run this service on all FabGuard systems, since this is also used for backing up the INFICON registry hive. |
The following URL installs a FabGuard IPM on a target computer and configures it using a previously backed up configuration.
URL http://HOSTNAME/FabGuardDll/FgWebDll.dll?
755=86&
804=2&
740=MachineIdFrom&
803=ToolId&
717=MachineIdTo&
775=WindowsUserDomain&
776=WindowsUserName&
777=WindowsUserPassword
(MachineIdFrom and ToolId are optional but at least one must be specified so that the backup can be identified.)