:::: MENU ::::

ACS CHeckPoint Part 3 – Installing Vein Server

Continuation of a series of posts on ACS CheckPoint and Biometric Scanning Part 3 of 5

Part 1: Why Biometric?
Part 2: Why Vein Scanning?
Part 3: Installing M2sys Vein Scan Server & Configuring the Database

Part 4: Installing M2Sys BioPlugin Vein Scanning Client
Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint

As previously mentioned Part 1 & Part 2 we have deployed M2Sys’ products before and have some familiarity with the products.  Even with this familiarity there were a few areas that we had to work thru to get everything working.  Our specific install is unique since we will be deploying both Vein Scanning and Fingerprint Scanning on the same network.  At the time of writing this documentation, the two technologies are not able to be compatible with one another and require separate installation for independent use.  Future updates are expected in the next few months that will allow for one Database install and one client install to support both types of scanning on the same workstation concurrently.  Until that is the case the Vein Scanning Database and Finger Print Scanning Databases must be accessed via two separate servers.

Installation of M2Sys BioPlugIn Vein Scanning Server and Database
Most steps are identical for Fingerprint Scanning Server and DB but Vein Scanning install requires a different installer than the BioPlugin for Finger Print Scanning.
Your mileage may very depending upon your environment, do due diligence before following these procedures.

- Install OS On a new Server – Since  almost all of our servers are virtual isolation of applications is key.

- When using 2008 or 2008R2 as your server operating system disable UAC prior to starting the install of the M2Sys software.  If UAC is not disabled before install of M2sys the service will fail.
On Server 2008R2 disable UAC by going to Control Pannel>User Accounts>Change User Account Control Settings and change the slider to “Never Notify”.

- Install M2sys BioPlugin Software
Note: Installing BioPlugin 6.6.1 on a 64bit server the service will fail because the application is making a call to the Hitachi Driver which is only 32bit at this time. Uninstalling and installing resolved this issue.

- After installation is completed you will notice a traffic light icon in the system tray

This icon only indicates if the service is running or not.  Administration of the BioPlugin is done in the control panel, not the Sys Tray icon or start menu.

Note: If you are using server 2008 or 2008r2 you will have to change the view of the Control Panel to Large or Small icons to view the BioPlugin control. BioPlugin does not display in any of the Category Groupings.

- After accessing the BioPlugin Server Preferences you will need to apply the license key.  Do this by Navigating to the last tab “"License”.  If you purchased the scanners and software from ACS Directly you will need to send your account manager the Installation ID and they will send back a License ID.  Enter the License ID and Select Apply.

- After you have installed the software and applied the license key you can restart the server and BioPlugin should show green on the little traffic signal.  It is possible for the service to try to start and fail and the green will go back to red.  This is the first indicator that we were having an issue with 6.6.1 not working  on a 64bit server.

- Check the Service is actually running by going back into the Control Panel BioPlugin Server Preferences and click on View Core Server Log.  The Log should display “Waiting for Client Request”. If the service is failing the log file will either not display “Waiting for Client” or when you click on view Core Server log nothing will happen because the log hasn’t yet been created.

Note: It is not stated anywhere in the documentation, but Cached Size: # is the number of registered users you have currently in the BioSnapOn Server.

- Once you know the service is working locally you have to decide to either keep the database on the server as an access database, which M2sys says is ok for up to 10,000 or point the M2sys server to another database server like MySQL, or MSSQL.  Because we already have a backup strategy in place for MSSQL databases and have a server running MSSQL 2008 it was best for our situation to use the MSSQL backend rather than the local access database. 
Note: In a testing environment the local database worked without any issue.

- If you are using a MSSQL database the next step is to create an empty database and user account for the BioPlugin server to use to connect to the database.  Because we already have our finger print scanning database in production we simply created a new database with the same name and added database–02 to the name.  In a dual database setup like ours it is important that the right BioPlugin server be pointing the correct database or your biometric check in with not be successful.  You define which database the BioSnapOn Server connects to in the DB string later in this process.

- After a blank database is created and the user account is set as the owner you run a script to prepare the database for use by BioPlugin.  These scripts can be found in the location on the BioPlugin server where you installed BioPlugin (Default is C:Program FilesBioPlugin).  Copy Tables-Script-SQL Server.sql for the MS SQL install locally to the SQL Server.  Select the database for the biometrics and execute the script.  Once this is done configure your backup of the database.  After the backup configuration is done the database is ready.

-Now that the database preparation is done be sure the BioSnapon service is not running (make sure the traffic light is red) next launch the BioSnapon Server Administration tool again and Select the Microsoft SQL Server radio button on the Database Tab.  This will change the connection string to a template of a SQL connection string.

- Connecting the SQL database is a little annoying if you (like me) do not frequently work with MSSQL. But in the latest release the BioPlugin server help files give sample definitions for the connection string. You will next want to review the BioSnapOn Installation Help Guide found on the install CD in the Documentation folder.  Navigate to the Help file location: Installation>Database Configuration>SQL Server. This provides settings and options for Using ODBC connection, SA and Windows Authentication.


- We had success with  MS SQL Server DSN-Less Connection with SQL Authentication and the following connection string. Values have been changed and display what information should be entered for each variable.
  User ID=SQL Account Created when you created the Database;
  Password=Password for the Account Created Above;
  Persist Security Info=False;Initial Catalog=Database Name for the Database you created above;
  Data Source=Name of the SQL Server to which you are connecting

- Apply the settings and restart the server.  After the restart your BioPlugin server should have a green light and the core server log should be ‘waiting for client request’

Now you are ready to Install and configuring the BioSnapOn Client on the workstation, point it to the BioSnapOn Server and testing scans.

Previous -  Part 2: Why Vein Scanning?

Next – Part 4: Configuring M2Sys Vein Scanning Client


So, what do you think ?