How big are your blobs?

Strange question, but many Agresso databases contain more blob data than they do financial data.

What is blob data? Generally speaking it refers to files that are stored in the database such as JPEG’s, PDF’s text files, Word docs etc, and these may be scanned invoices, bacs remittances, pay slips, log files, report results files and so on.
The two main blob tables are ACRPRINTBLOB and ADSFILEBLOB. The former holds the server logging and report results files, and the latter is for scanned invoices etc.

It isn’t uncommon to find databases that contain over 80% blob data. This isn’t an issue in itself, but it’s useful to keep a watch on things to ensure that images are not being scanned at very high quality which produces large files.

It also allows for future planning in regards to clearing down the ACRPRINTBLOB table or if you want to store the contents of ADSFILEBLOB outside the database in a Windows file share.

On SQL Server based systems it’s relatively easy to determine the size of these tables as you can just use the command SP_SPACEUSED in a SQL Server query window. Selecting the Agresso database and running the command on its own shows the size of the database itself.

sp_spaceused
 
 
 
 
 
 
 
 

 

 

Running the command followed by a table name shows the size of the table.

exec sp_spaceused acrprintblob
exec sp_spaceused adsfileblob


 
 
 
 
 
 
 
 

 

 

 


Agresso Milestone 4 Active Directory Authentication and SSO

There are four entities within Agresso Milestone 4 that require authentication when you connect to them.
  • Desktop Client
  • Web Client
  • Web Services
  • Agresso Management Console
The standard way to log into these is to use an Agresso username and password, but there is is also Single Sign On (SSO) which logs you straight in with no need to enter any credentials and finally Active Directory (AD) authentication which allows you to log in by using your Windows logon credentials.
It is possible to setup SSO or AD logon either via the Desktop Client (System Administration) or within the Agresso Management Console (AMC), both have the same screen.

Authentication methods are setup on a platform basis. So you could have SSO for Agresso Web users and AD logon or Agresso logon for the Agresso Desktop client.

Agresso Authentication gives the standard logon screen (also get this if no authenticators are selected)

Windows Password Authentication asks you for Windows logon details. Note that there is no longer a Client field, it has been changed to Domain. The username and password fields are now for your Windows Network (AD) username and password.

The last option of Windows Authentication gives you SSO where no logon details have to be entered.
For AD or SSO authentication to work you still need to create an ABW user, and to this user you need to link a Windows Logon in the format of DomainNameWindowsLogon, as well as providing the default company that you want them to log into. All of this is setup in the User master file.

A slight word of caution. If you plan on quickly testing this and setup a Windows Logon against your ABW account and then switch on Windows Password Authentication, you will be able to logon using your AD credentials, but everyone else on the system who is not mapped to their Windows account will be effectively locked out.
Although, it is possible to move over Agresso Authentication along with either of the other two options. This will allow you to still login using Agresso authentication if your ABW account is not linked to a Windows Domain User. This is useful for system users that sometimes may need to log on to the system as other users.
For SSO to the web there are a couple more things that need to be configured against the Web publication in the AMC which basically modifies IIS to allow Windows Authentication

SSO logon is particularly useful for organisations that may have large numbers of users that occasionally use Agresso such as Timesheet users as they have no requirement to remember their Agresso username or password.
AD authentication also has the above advantage but provides more security.
Please note that if you enable SSO for the Agresso web client and you are prompted for Windows username and password when you connect, check that on the Agresso Web server that Internet Explorer Enhanced Security Configuration is turned off. This is done in Server Manager. This setting is turned on by default on Windows Server.