Professional Documents
Culture Documents
TC279 Ta HLD V1.0
TC279 Ta HLD V1.0
VERSION: 1.0
DISCLAIMER
This document contains information from Tawazun Council (TC) that is confidential and privileged. The information is intended
for the private use of TC. By accepting this document you agree to keep the contents in confidence and not copy, disclose, or
distribute this without written request to and written confirmation from TC. If you are not the intended recipient, be aware that
any disclosure, copying, or distribution of the contents of this document is prohibited.
1. DOCUMENT CONTROL:
2|P a g e
2. DOCUMENT PUBLICATION HISTORY:
All
Document title TC279_TA_HIGH LEVEL DESIGN
Reference ID 231026/TC/ITS/ITSP/TC279/TA/HLD
Version 1.0
revisions made to this document must be listed in chronological order, with the most recent revision at the
bottom
All revisions should be approved. Review and Approval can be done only by Tawazun ITSU
3|P a g e
3. DISTRIBUTION LIST
Information Technology and Security Unit NA Information Technology and Security Unit
4|P a g e
Table of Contents
1. DOCUMENT CONTROL:
2. DOCUMENT PUBLICATION HISTORY:
3. DISTRIBUTION LIST
3.1 PURPOSE
3.2 TERMINOLOGY
4 PURPOSE & BACKGROUND
BACKGROUND
4.1 HOW IVANTI CONNECT SECURE WORKS
5 PROPOSED SOLUTION DESIGN
5.1 HIGH LEVEL NETWORK DESIGN
6 BILL OF MATERIAL - SUMMARY
EXECUTIVE SUMMARY
Objective of this document is to describe the implementation procedures to be followed for performing the installation of
TIMECHECK
INTRODUCTION
The purpose of the Time Attendance system is to track the employee movements and calculate the attendance, including the late,
early and overtime for the employees. The movements are clocked using access control readers, and once the movements are
polled from the reader, it is used for the employee attendance calculation, based on the schedule, grace times, leaves and holidays.
The users should be able to use the system by logging into the system.
SOFTWARE DETAILS
5|P a g e
PREREQUISITES
1. Application Server
Server Role for Web Server and Application Development should be enabled with below features:
1. Management Tools , IIS Management Console , IIS 10.0 Management Compatibility , IIS 10.0 Metabase
2. Compatibility, IIS Management Scripts and Tools, Management Services.
3. Common HTTP Features , Default Document , Directory Browsing , HTTP Errors , Static Content , HTTP
4. Redirection, WebDAV Publishing
5. Health and Diagnostics, HTTP Logging, Logging Tools , Request Monitor , Tracing
6. Performance, Static Content Compression, Dynamic Content Compression
7. Security, Request Filtering, Basic Authentication, Windows Authentication, URL Authorization, IIS
8. Client Certificate Support, IP and Domain Restrictions, Digest Authentication, Client Certificate
9. Mapping Authentication
10. .NET Framework 4.5, TCP Port Sharing, Web Server (IIS) Support
11. .NET Extensibility 3.5 / 4.5
12. ASP.NET 3.5 / 4.5
13. CGI , ISAPI Extensions , ISAPI Filters , Server Side Includes
14. WebSocket Protocol
15. Windows Process Activation Service Support, HTTP Activation, Named Pipes Activation, TCP
16. Activation
17. Windows Deployment Services, Deployment Server, Transport Server
1. MS WINDOWS SERVER 2022 (Windows Server 2022 R2 Standard Edition x64 fully updated)
2. English and Arabic both
3. MS SQL SERVER 2022 Native Client
4. PDF Viewer
5. Crystal Report 13.0.5 or greater.
6. System Language Settings
7. ODBC Dot Net Provider
SERVER DETAILS
6|P a g e
Application Server Details
No. of CPU 4
RAM (Gb) 8
VLAN Non-Prod-App
Subnet {{Subnet }}
Gateway {{Gateway }}
No. of CPU 2
RAM (Gb) 8
VLAN Prod-App 25
Subnet {{Subnet }}
Gateway {{Gateway }}
No. of CPU 4
RAM (Gb) 8
VLAN Prod-App 25
7|P a g e
IP Address {{IP Address }}
Subnet {{Subnet }}
Gateway {{Gateway }}
No. of CPU 8
RAM (Gb) 32 GB
Drives 2
VLAN VLAN 24 DB
Subnet {{Subnet }}
Gateway {{Gateway }}
PORT {{PORT}}
No. of CPU 8
RAM (Gb) 32 GB
Drives 2
VLAN VLAN 24 DB
Subnet {{Subnet }}
Gateway {{Gateway }}
PORT {{PORT}}
8|P a g e
FIREWALL.
1. Environment Setup Detail SQL cluster server is required to configure the databases for time & Attendance.
2. Creating Database (SQL Server)
Databases for TIMECHECK application have to be created (default name TIME_ROOT and TIME_MAIN). Restore
“TIMECHECK” existing database backup which will be used to retrieve existing Transactions, schedules and single permissions.
Create a database login/user named ‘-svc-tasapp’ with database owner privilege on TIMECHECK DBs (TIME_ROOT,
TIME_MAIN_TAWAZUN)
3 Creating Linked Servers (SQL Server)
Need access to bridge_Database to work on linked server.
A. Overview
The following information should be provided from the ERP system:
• Organization
• Grade
• Leave Type
• Nationality
• Employee Type
• Employee Details
• Employee Leaves
Above information will be fetched from ERP system and pushed into TIME_MAIN_TAWAZUN database. ERP will share the
views to be consumed by TIMECHECK in order to synchronize the Inbound and out bound information.
ERP will share the views to be consumed by TIMECHECK in order to synchronize the Inbound and out bound
information.
9|P a g e
10 | P a g e
C. TIMECHECK DATABASE SERVER TO ACCESS CONTROL DATABASE LINKED SERVER
Repeat previous step to create Linked server from TIMECHECK Database to Access Control Linked Server name should be
“{{ IP Address}}” and Server type should be SQL Server as Access Control Db uses.
OVERVIEW
TIMECHECK application is integrated with access control system. The integration is made possible using database link with SQL
direct queries and pushing Access control data and event details into bridge database “TimeCheck_TA_Bridge”. Access Control
data is available in AC database from connected devices automatically without any delay.
TIMECHECK will be synchronizing periodically with access control database to fetch the new transactions and process them
automatically according to the configured TIMECHECK policy.
TIMECHECK application requires the transactional data to be available with below attributes in specified format to enable the
integration with access control system
11 | P a g e
SYNCHRONIZATION / DATABASE ARCHITECTURE
This part will elaborate that how system is fetching IN / OUT events from access control system.
1. TimeCheck TimeCheck portal is mainly integrated with ERP system for employees, holidays and leaves information.
TimeCheck is fetching updated employee’s, holiday and leaves information from ERP system on daily bases and then
sending back employee’s absent details to EPR system at the end of every day. Moreover, for TA events, TimeCheck is
getting employees IN/OUT movements from access control system. Below is the Design diagram for reference
8081
1433
1433
12 | P a g e
Organizations
13 | P a g e
14 | P a g e
15 | P a g e
CREATING SYNCHRONIZATION JOBS (SQL SERVER AGENT)
Below is the list of jobs that needs to be scheduled for integration of TIMECHECK with Access Control system Database and
ERP Database
16 | P a g e
17 | P a g e
18 | P a g e
19 | P a g e
20 | P a g e
Note: Due to always on environment (high availability) you need to create the above jobs on all the available nodes and whenever
a failover occurs kindly start at the active server and stop at secondary. (As per infra team)
21 | P a g e
22 | P a g e