The BELMOD data transfer
The BELMOD data transfer Bart.Servaes Wed, 06/12/2024 - 16:37HD integration
HD integrationThe BELMOD server is placed in its own OU, separated from all other XAW servers.
Users are grouped in AD. These groups are all under the same OU. The SCN-P-XAWBELMOD server is accessed by two different types of accounts. These types are:
- Normal users: "BELMOD users SCN-P-XAWBELMOD"
- Limited users: "BELMOD users SCN-P-XAWBELMOD limited users"
As it stands, the normal users are allowed to connect to the desktop version of the server. Limited users may only connect to the EUROMOD published application. The limited users are also further restricted in their usage of the server, as they cannot use things like the recycling bin, control panel etc. Furthermore, all users are restricted from accessing the different drives on the server.
Users are grouped in so-call "global groups" in AD. These global groups are all under the same OU.
The computer object and the different user groups are all located in the DHD.local domain.
SFTP user access
SFTP user access Bart.Servaes Wed, 03/29/2023 - 11:49SFTP BELMOD_IN
SFTP BELMOD_INCurrently, two organizations (KSZ and FOD-SZ) are able to upload data to the BELMOD environment but this could be extended to additional organizations.
BELMOD_IN
The following users have been created:.
- for KSZ: dm_ksz
- for FOD-SZ: dm_fodsz
When users log into sftp.healthdata.be:2222 they will have access to the BELMOD_IN directories:
/BELMOD_IN/data
- /BELMOD_IN/data/other → for FOD-SZ users
- /BELMOD_IN/data/source → for KSZ users
There is a script running every 30 minutes, which downloads the content of the SFPT BELMOD-IN and automatically puts it in the correct directories on the BELMOD server. A log file of the download is created and placed in the E:\Administrators\logs directory of the server. The log file contains the timestamp, status and target directory of the download.
The file(s) will be removed automatically after a successful download.
Data coming from the KSZ is encrypted by the public key of the FOD-SZ using ‘Kleopatra’.
The data managers on the BELMOD server are able to decrypt the data with their private key using ‘Kleopatra’, which is installed on the BELMOD server.
Note: Should the user encounter a problem with the script, an incident must be reported via Service Now (see section How to report an incident).
SFTP BELMOD_OUT
SFTP BELMOD_OUTThe BELMOD-OUT SFTP has been set up to give the possibility to publish reports outside of the BELMOD environment.
User accounts – one per project – have been provided for the first 5 projects but that number could be extended as required. This needs creating a ticket in Service Now.
- Gen_user_project_1 → sftp directory: /BELMOD_out/data/project_1/export/
- Gen_user_project_2 → sftp directory: /BELMOD_out/data/project_2/export/
- Gen_user_project_3 → sftp directory: /BELMOD_out/data/project_3/export/
- Gen_user_project_4 → sftp directory: /BELMOD_out/data/project_4/export/
- Gen_user_project_5 → sftp directory: /BELMOD_out/data/project_5/export/
When these users log into sftp.healthdata.be:2222 they will have access to the export files of their project, as described above. Each user only has access to their own project.
A script is running every 30 minutes, which uploads the content of export directory “E:\Belmod\project_<number>\<project_name>\Export” and automatically puts it in the corresponding project directory on the SFTP server. A log file is also created and placed in the E:\Administrators\logs directory.
Once the file has been successfully downloaded, please make sure to delete it from the BELMOD_OUT SFTP. The SFTP directories should be used as a temporary storage location.
Note: Should the user encounter a problem with the script, an incident must be reported via Service Now (see section How to report an incident).