community
cancel
Showing results for 
Search instead for 
Did you mean: 

alteryx server Knowledge Base

Definitive answers from Server experts.
 You are using an unsupported browser for translation. Please switch to another browser.

How to check what's using the port and steps for changing some services' default port!
View full article
Alteryx Server provides a fully scalable architecture that allows an organization to scale Alteryx to automate data analytics, tackle bigger projects, process larger datasets and put self-service data analytics into the hands of more decision makers. From scaling Worker nodes to Gallery nodes to the MongoDB persistence layer, Alteryx Server allows organizations to efficiently manage their automated and self-service data analytics needs.
View full article
One common reason why the Alteryx Service appears stuck in the 'Stopping' state is when the service is trying to stop but the AlteryxEngineCmd.exe process is running. In other words, a workflow is running. The Alteryx Service cannot be stopped when a workflow is running due to a schedule or a Gallery run.
View full article
Now, find all your Server and Gallery questions and answers in one place!  The new Gallery Admin Help Page has your Server Installation Guide, Configuration instructions, and the much-requested Administer Gallery management features - Subscriptions and Studios defined!  Manage your user permissions!  Edit user accounts!   
View full article
One of the three database options when setting up the Alteryx Server is to connect into a User-Managed MongoDB instance.  Why would you want to set up your own implementation of MongoDB?  The main benefits are to take advantage of the features of MongoDB that are not included with our embedded instance.
View full article
Question The below question was originally asked in the Discussion boards and comes up somewhat frequently from Server users:  Where I'm left scratching my head is how to best set up Gallery, manage permissions, and manage schedules. In an ideal world, I guess I'd see it going like this: Developers create workflows & upload to private gallery Admin (me) updates connection strings and performs cursory review before moving it into a shared area. Developers should be prevented from doing this.  QA team reviews and gives signoff. Admin (me) moves to a shared area (a collection?) and schedules the workflow as needed.  Developers sho uld be prevented from doing this.  Is this approach feasible given the functionality of Gallery? For now, it seems somewhat all-or-nothing to me. If I make somebody an Artisan, it seems like they can publish things to the gallery, schedule workflows, etc. But I may be completely missing something here.    Also, I'm using Windows authentication and I don't see any way to add users to a Subscription. There's literally no button below the Artisans & Members boxes. How do I do this? Answer The below answer was provided KoryC:   What you're wanting to do is very similar to what we see other customers looking to accomplish - essentially, better and more granular control over what users can do within given projects, and a promotion process of workflows. Today, our Gallery does indeed, as you mention, provide the artisan access as a sort of all or nothing type of deployment. So unfortunately, the level of access control you're looking for today is not yet available, but it is on our roadmap and something we are actively looking at for a future release - this is one of our top priorities.   So today, the best approach is indeed to make those developers artisans. Yes, this will enable them to make things public or share them even if they shouldn't, but there are still administrative capabilities, such as removal of workflows, that can help in case such accidents or activities occur.   And as for the user-to-studio management in Windows Auth mode - we're looking to get that button added for an upcoming release, and on top of that, taking a good look and building out some better and easier ways of managing users in Windows Auth mode in general, much in alignment with how we want to make user and gallery management easier in the future.   Let me know if this helps. I know it's not the ideal answer you'd want today, but we are looking to make some significant improvements here. I'd also greatly appreciate any time you may have to go over features like this and to get more direct feedback in the future too!   As far as your question regarding Windows Auth vs. Built-in - no, it's not required to use built-in for subscription artisans (though members don't make much sense in a Windows Auth environment). It is, however, trickier to manage, as you've discovered. The facilities for managing studios-to-users in Windows Auth are lacking at the moment, and it's an area we're looking to improve. Copying and editing the subscription key is indeed the only way. And yes, only one subscription per user - though this is another area we are looking at expanding upon in the future.   There is a button in v10.5 to add artisans to a studio, but not for members, which will likely ultimately go away, at least with Windows Authentication deployments.   For more information about Gallery Administration and setup, take a look at the following article. The link goes to the first of a four part article series: Alteryx Gallery Administration  
View full article
Changing your private gallery URL can be very important, particularly when inviting end users to run applications, download macros and run workflows from your company's gallery.    There are few steps you will have to take to make this happen:   The URL The default URL will look like this: http://localhost/gallery/ The part of the URL which is editable is the "localhost" part and this can be changed to the IP or Machine Name of the server The reason for the /gallery is when the full Alteryx Server is loaded and configured, AlteryxService (the Scheduler) takes root / for itself.  Since both the Scheduler and Gallery can’t coexist in the same area, Gallery is moved into its own subfolder DSN Settings DSN settings will need to be altered when you set up a  fully qualified domain name  (FQDN) For example pointing a server with the computer name of ir-lt-jb-01 and an IP address of XXX.XXX.XX.XXXX to jordanbarker.alteryx.com.  You will need to get your company's IT department to make these edits as they will have access to their DNS servers Best,  Jordan Barker Solutions Consultant 
View full article
Users have noticed that a private gallery that is enabled with Kerberos sometimes will not work with Firefox.  Chrome and IE might seem to pick up the credentials and display the gallery correctly, however, Firefox will present a blank page. This is because by default Firefox blocks all SPEGNO challenges from any web server. We need to configure Firefox to whitelist these sites to allow these requests to come through.   Open Firefox and enter about:config in the address bar. Dismiss any warnings that appear. In the search bar, enter negotiate. Double-click the network.negotiate-auth.trusted-uris preference.  This preference lists the trusted sites for Kerberos authentication. In the dialog box, enter the Gallery domain, such as example.com. Click the OK button. The domain that you just entered in the network.negotiate-auth.trusted-uris should now appear in Value column.  
View full article
Question How do you reserve port 80 on a server for a reverse proxy that Alteryx Server would sit behind?  Ideally, anything off the box could still connect using 80, but locally it would be configured it to use a different port. Answer The Service Port can be currently only be modified by manually editing a key configuration file called "RuntimeSettings.xml."  It's important to note that there are two files with this name installed on a Server:   There is a read-only file called RuntimeSettings.xml installed in the root Alteryx installation folder, which by default is C:\Program Files\ Alteryx\bin\RuntimeData\RuntimeSettings.xml .  This is the  core settings  configuration file used by Alteryx and must never be edited . There is a second file called RuntimeSettings.xml located at C:\ProgramData\Alteryx\RuntimeSettings.xml.  This file is created and modified by the Alteryx System Settings dialog, and contains settings overridden from the base configuration file in (1). **Please note that the settings should only ever be modified using the Alteryx System Settings dialog, as incorrect or incomplete settings could prevent your server from running correctly.**   Please reach out Alteryx prior to performing any manual modification of your Server configuration.  This is especially important if you are running a multiple-node Server installation, as all nodes will need their Controller information updated.  Similarly, Alteryx Designer users using the Scheduler will also be impacted by the change.   If you "must" change the Service Port be sure to: Schedule planned Server downtime with your Server users Stop the Server (using the Service Control Manager or Services tab in Task Manager) Navigate to C:\ProgramData\Alteryx\ Create a copy of the file RuntimeSettings.xml A an Administrator, start Notepad and open RuntimeSettings.xml Under the "Controller" section of the XML, add the tag <ServicePort>your_desired_service_port</ServicePor t> Save the RuntimeSettings.xml file Open Alteryx System Settings and add the port to the Base Address like so: http://localhost:your_desired_service_port/gallery/ Start the Server  (using the Service Control Manager or Services tab in Task Manager) Verify Server operation
View full article
Receiving the error below when attempting to schedule a module?   “An error occurred in the scheduler. Server Error: 500 Server Error GetExpectedValue: Expected “Container” but got “Sid” Incorrect type requested 1 actual 4”   Post v10.5 release, your Alteryx Server and working environment must be of the same version in order to enjoy the upgrades of the release and still be able to commit scheduled workflows correctly. When the versions of your worker and server do not match, you’ll receive the error above. While our recommendation is to be using the most up to date release, you can always upgrade or revert your designer version either at our Downloads page (current version) or the Previous Releases webpage. To check on the version you’re using, you can navigate in the Designer to the Help >> About menu.
View full article
Question Is it possible to have multiple administrators for a Gallery Collection? Answer Yes, as of v10.1 we have added the ability to add additional administrators to Gallery Collections. In the past, the Collection owner was assigned as the sole administrator. In order to add another user as an administrator, the user must also be an Artisan to the Private Studio from which the app was shared. Please follow the steps below to add an administrator to a Collection:   In the Gallery, click on the Collections button. Click on the Collection you want to add the Administrator. Click on Users, look for the user, and then click on “Collection Admin”.     Once you've added the Admin permission , the user should now be able to add/update any app/workflow within the Collection.
View full article
Recently, we have had a number of questions regarding SSL certificates, how to install them, and how to configure Alteryx Server to use them. While the Alteryx Server Installation and Configuration Guide does cover enabling SSL for Alteryx Server, it doesn’t cover obtaining a certificate, or how to install that certificate so it can be used by the server.   There are a number of tools and methods you can use to obtain a SSL certificate to use with Alteryx Server.  In this article we will be focusing on using OpenSSL to create a Certificate Signing Request (CSR) to send to a Certificate Authority (CA), generating a self-signed certificate, installing the certificate, and configuring Alteryx Server to use the certificate.   Note: If you don’t have OpenSSL installed on your server you can download a precompiled Win32 or Win64 binary from https://slproweb.com/products/Win32OpenSSL.html. Please keep in mind that OpenSSL is not developed, or maintained by Alteryx. That we have no affiliation with the OpenSSL project, or the provider of this precompiled binary. As such feel free to use which ever implementation of OpenSSL you are comfortable with.   Creating a Certificate Signing Request with OpenSSL:   To generate a CSR, open an administrator command prompt on your server and navigate to the directory containing your OpenSSL.exe and configuration file. From there run the following command:   openssl.exe req -config openssl.cfg -out ServerName.csr -new -newkey rsa:2048 -nodes -keyout ServerName.key   This will prompt you to answer a number of questions related to your organization and the server. You can use the included a screenshot for your reference, but keep in mind the responses should be based on your organization and server information.     This command will create two files in the same directory with a .csr and .key extension. These files will need to be provided to your CA in order to have your certificate created. This can be either an internal CA, or a public CA such as; Verisign, GeoTrust, DigiCert, Entrust, StartCom, etc. The CA will provide you with a signed certificate in return as a .crt, .cer, .pem, or .pfx file.   Creating a Self-Signed Certificate with OpenSSL:   You can also use OpenSSL to generate a self-signed certificate. While this isn’t recommended for production environments there maybe a number of reasons why you would want to create one. Some possible reasons include dev or lab environments, and testing to confirm functionality before purchasing a certificate from a public CA. Regardless of your reason you can do so with the following procedure:   Open an administrator command prompt and navigate to your OpenSSL directory. Once there, run these commands:   openssl.exe req -config openssl.cfg -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout ServerName.key -out ServerName.crt openssl.exe pkcs12 -export -out ServerName.pfx -inkey ServerName.key -in ServerName.crt   The first command generates a signed certificate (.crt file) and private key (.key file). The second command creates a combined certificate and key file in a .pfx format from the generated certificate and key. Please keep in mind you will be asked the same or similar questions as you would if you were generating a CSR. Please reference the screenshots below:       Note: As previously stated we do not recommend using self-signed certificates in production environments.   Installing the Certificate:   Once we have received the signed certificate from the CA or generated a self-signed certificate we need to install it. To install the certificate we need to open a Microsoft Management Console (MMC) to access the Certificates snap-in by following these steps:   Click Start and then click Run. In the command line, type MMC and then click OK. In the Microsoft Management Console (MMC), on the File menu, click Add/Remove Snap-in. In the Add Remove Snap-in dialog box, click Add. In the Add Standalone Snap-in dialog box, select Certificates and then click Add. In the Certificates snap-in dialog box, select the Computer account radio button because the certificate needs to be made available to all users, and then click Next. In the Select Computer dialog box, leave the default Local computer: (the computer this console is running on) selected and then click Finish. In the Add Standalone Snap-in dialog box, click Close. In the Add/Remove Snap-in dialog box, click OK.   Next, we need to actually import the certificate. To do this:   Expand Certificates > Personal Right click on certificates under personal Select All Tasks > Import.     This will open the certificate import wizard.     Click Next       Browse to the certificate file provided by your CA, or the pfx file generated in the self-signing instructions Click Next   If you are using a self-signed certificate, or your CA issued a certificate that includes the private key you will be prompted for the password/phrase. Otherwise this step will be skipped by the import wizard.     Enter the password Check the box to mark this key as exportable Click Next   The next screen will ask to confirm where you want to place the certificate. This should have the Certificate store set to ‘Personal’ already.      Set the Certificate store to Personal if needed Click next On the next screen click Finished   If you are installing a self-signed certificate we need to repeat these steps in order to establish the local server as a trusted authority. To do this install the certificate a second time following the same steps as above. Except this time we are going to install it to the Trusted Root Certificate Authorities store instead of the Personal store. You can do this by expanding Trusted Root Certificate Authorities, right clicking on certificates, and choosing All Tasks > Import, or by changing the Certificate store at the end of the import wizard.       Configuring Alteryx Server to Use the Certificate:   At this point you can follow the detailed instructions in the Alteryx Server Installation and Configuration Guide to complete the configuration. Alternatively (and for completeness), you can continue with these simplified instructions.   First you need to collect the certificate thumbprint for the certificate you installed above. You can do this from MMC > Certificates > Personal > Certificates by right clicking on the installed certificate and choosing open. This will open a certificate dialog for the certificate you installed. From there, select the Details tab and find the Thumbprint field. Copy the value and remove all spaces from it (e.g. ‎74d4ca722e2954cd225f9b4697d2fc7f6747194c).     Next, you need to bind http port 443 to the certificate. To do so, open your administrator command prompt again. Then run the following command, making sure to replace the certhash with the thumbprint value you captured:   netsh http add sslcert ipport=0.0.0.0:443 certhash=‎74d4ca722e2954cd225f9b4697d2fc7f6747194c appid={eea9431a-a3d4-4c9b-9f9a-b83916c11c67}     To check that the binding is correct, you can run the following command:   netsh http show sslcert       Note: When renewing an expired or expiring certificate, you will need to delete the current binding (netsh http delete sslcert ipport=0.0.0.0:443), capture the thumbprint of the new certificate, and rebind the certificate using the instructions above.   For the final step, you will need to configure the Gallery service to use SSL. To do this open Alteryx System Settings and click Next until you reach Gallery > General. Once there find the Base Address section and check the box to Enable SSL. Then click Next, Finished, or Done as appropriate to apply the settings change and restart the Alteryx Service.     Note: The URL must also match the name the certificate was issued to. As such, if the certificate was issued to the server's fully qualified domain name (e.g. hostname.domain.tld), your URL needs to match this by using https://hostname.domain.tld/gallery/. If the certificate was issued to just the hostname, you would need to use https://hostname/gallery/. If the URL doesn’t match the certificate the service will fail to start properly.       Applicable versions: Alteryx Server 10.0 & 10.1 Credits:
View full article
For a shared server, the system owner/IT contact should set the memory to no more than (total memory-2G)/(Number of Users). This allows all users to run modules simultaneously without causing the system to go into virtual memory, which significantly slows processing.
View full article