esBusiness server requirements

The es Business Server service is required for eserp program functionality and is therefore installed on a central server in the network (for example on the server with the eserp installation or the database server).

Server configuration (esServerconfig)

The es Business Server service is controlled centrally using the esServerconfig configuration interface. They are installed using a setup that is designed to allow services in the same release that are already installed to be updated by means of an assistant.

esBusiness Server - Requirements

The following requirements must be met for installation and operation of the es Business Server service:

• eserp users with administrative authorizations (see eserp service users)
• Authorization to configure the es Business Server service
• Windows user with corresponding authorizations for certain functions required (see Windows service user)
• Sharing of ports and applications in the firewall (see Firewall sharing / Used ports)

eserp service users

A Service User must be recorded for the Business Server in the eserp Settings under Settings | External programs | es2000 | es Business Server | Settings.

This personnel number is needed for the Contact and Service call actions so that it can be entered when these actions are automatically created. This allows you to see whether an entry was made by a user or by the es Business Server.

Authorization to configure the es Business Server

The logged in user requires certain user authorizations in eserp in order to configure the es Business Server service using the esServerconfig program.

Windows service user

To control the es Business Server services, we recommend the creation of a separate domain user. This user can be named eserpAdmin, for example. This service user requires various user rights to enable the es Business Server services to perform their various tasks.

The required user rights depend on the modules that are used.

The following authorizations are fundamentally necessary:

For further information please see the links / information given for each item.

Authorization	Description	Further information  (link)	Relevant for modules / functions
Execute as service	The Windows user requires authorization to execute as a service.	https://docs.microsoft.com/de-de/windows/security/threat-protection/security-policy-settings/log-on-as-a-service Also see eserp service users
Network access	As the Business Server service communicates with other applications on the network, the Windows user requires network access. Also see eserp service users	Also see Firewall sharing / Used ports eserp service users
Access to the drives / folders of the document management system (DMS).	Access to the contents of the DMS is exclusively through the Business Server service. Individual eserp users do not need authorization for the corresponding sharing of the DMS.	The service user requires the following authorizations in order to access DMS directory sharing: - Read - Write - Edit Also see DMS - Technical functionality	Document management Sending Emails through the server (access to files from the DMS) Receiving Emails (archiving of file attachments and original Email)
Access to MS Reporting Services	Microsoft Reporting Services provide extended report evaluations through the Microsoft SQL server.	The appropriate setup must be made in order for MS Reporting Services to be used. The following eserp settings are also required: Settings | General | Settings | System Settings - 'Windows login' area -> Windows user   Settings | General | Reports | Settings | General - 'Microsoft Reporting Service' area -> Server URL	es Dashboard es Business cockpit Use of MS SRS reports
Access to the system documents through esweb	The esweb product enables the documents for a system to be accessed via the Internet. A special feature is that, where necessary, documents that may be confidential can only be accessed through special security mechanisms. The advantage is that the documents are only present on the server temporarily and when required.		esweb Object documents
The following functions can also be assigned to the service user, but it is recommended that you use your own users for the email and Exchange link.
Authorization Email 'Send as'	To send Email using the Business Server service, the service user needs authorization to send Emails in the name of other users / departments ('Send as').	https://technet.microsoft.com/de-de/library/Bb676368(v=EXCHG.141).aspx	Relevant for module / functions: Sending Emails
Access to the Exchange mailboxes for appointment matching		License for esExchange (Exchange synchronization of appointments and tasks) is required	esExchange Synchronization of appointments and tasks between eserp and MS Exchange

Firewall sharing / Used ports

As well as the above-mentioned service user with the corresponding authorizations, the following shares are needed in the firewall for operation of the services:

Port	Application	Comment
12165 (TCP)	es Business Server service (events)	Default: Port 12165 The port can be adjusted manually if required
12164 (TCP)	es Business Server service (web service)	Default: Port 12164 The port can be adjusted manually if required SSL Configuration through a certificate is required. SSL Configuration when esExchange is used A certificate from a trustworthy certification body is required for access to an Exchange through EWS.   A self-signed certificate for Exchange synchronization is not sufficient.
Share application	ESBusinessService.exe (Server)	The es Business Server service (ESBusinessService.exe) communicates with eserp via dynamic ports (> port 1024).
Share application	ESofficeNet.exe (Client)	If a firewall is active on the Client. The es Business Server service (ESBusinessService.exe) communicates with eserp (ESOfficeNet.exe) via dynamic ports (> port 1024).