Enterprise Connector prerequisites
System requirements for an Enterprise Connector server:
- Windows 2019 Essentials, Standard, or Datacenter
- Windows 2022 Standard or Datacenter
- Linux Redhat Enterprise Server 7 and 8
Enterprise Connector is not supported on a Windows Domain Controller.
Enterprise Connector is not supported on a Linux system setup with Security-Enhanced Linux (SELinux )
Amazon Corretto JDK 17 (64 bits) update 8 or later installed. Only JDK 17 (64 bits, update 8 or later) is supported.
Other JDK versions, like JDK 11, 19 and 21 are not supported.Note: For 2024.04, if you use the API Gateway Hybrid service, then do not yet update the Enterprise Connector to JDK 17.It is, for example, known that the Bouncy Castle extension does not work well with Enterprise Connector. Therefore, you must use a default JDK installation without extensions.
For details, see Updating the JDK version.
Requirements for the database:
- SQL Server 2019 Web, Standard, or Enterprise
- SQL Server 2022 Web, Standard, or Enterprise
- PostGres Plus Advanced Server DB (PPAS), 64 bit version. Version 14, 15, 16
SQL Server must have "mixed mode authentication" enabled because Enterprise Connector requires SQL Server authentication.
Hardware specifications:
- 4 GB RAM, 2 Cores for low volume tests
- 8 GB RAM, 4 Cores for higher volume tests
- Enterprise Connector does not require much disk space because it does not store business data in its database. 10 GB of free space is sufficient.
ION CE Enterprise Connector 12 runs on the ION Grid. The ION Grid facilitates high availability for the Enterprise Connector and requires a database. During the installation you can have the installer create the database or use a pre-created database. If the installer must create the database, a database user with database administrative authorizations is required. For SQL Server typically ‘sa’.
During the installation of the Enterprise Connector, you must specify three ports. We recommend that you use 28089, 28090, and 28091. Ensure these ports are accessible for the host where the Enterprise Connector is installed. If you plan to scale-out the Enterprise Connector, ensure the ports are also accessible for the other hosts.
To communicate with the Infor OS (AWS services), the Enterprise Connector uses HTTPS secured through TLS 1.2. For authentication, an AWS IAM account is used. This account is created specific for the Enterprise Connector, and grants access only to AWS resources that are relevant for this Enterprise Connector Location. Credential information that is used by this Enterprise Connector, is stored encrypted.
The Enterprise Connector connectivity with the ION CE cloud environment is always initiated by the Enterprise Connector, so only outbound Internet access is required.
Ensure the Enterprise Connector can access these Amazon web services:
- IAM: endpoint https://iam.amazonaws.com
- SQS: the SQS endpoints for your region. For reference, see https://docs.aws.amazon.com/general/latest/gr/sqs-service.html
- S3: the S3 endpoints for all regions. For reference, see https://docs.aws.amazon.com/general/latest/gr/s3.html
Ensure subdomains to these S3 endpoints are allowed. See these examples:
- For us-east-1 allow
*.s3.amazonaws.com
. - For Frankfurt allow
*.s3.eu-central-1.amazonaws.com
.
- For us-east-1 allow
- If you use or plan to use IDM Enterprise Print; Amazon API Gateway: the data plane
endpoints for your region.
See https://docs.aws.amazon.com/general/latest/gr/apigateway.html
These service all are accessed through standard https port 443. So opening port 443 to the internet is sufficient to access these services.
If your firewall also checks on IP addresses, ensure the IP addresses of the above services are included. Amazon exposes these IP addresses through this link.
If you configure the Enterprise Connector with the AWS (Amazon) region it must access, you only must configure access to that region.
See Limiting Enterprise Connector to the ION CE Amazon region.
Service account requirements:
When installing Enterprise Connector, NT SERVICE or ALL SERVICES, or both must be granted
the Log on as a service
role on the Enterprise Connector server before
the installer is run. This is the default setting in Windows, but it might have been
revoked on your system.