Server, Network & System Security Management Seminar for WebSAMS

Seminar on Server, Network and Security for WebSAMS Network is a private and separated network, isolated from ITED Network ... Required software is installed in WebSAMS server Apache

Sep 2017 Server, Network & System Security Management Seminar for WebSAMS A - 2

Contents:

WebSAMS Architecture

Network and Server Configuration

Security and Maintenance

Backup of Data

Logs Checking

Trouble-shoot Case Studies

WebSAMS Architecture

WebSAMS Requirements (cont’d)

WebSAMS Network is a private and separated network, isolated from ITED Network

Outside the WebSAMS Network, all users must go via the HTTP Server to access WebSAMS

HTTP Server can be located within the Demilitarized Zone (DMZ), or inside the ITED Network, as shown in the following slides

WebSAMS Requirements

HTTP Server and WebSAMS Server are connected in different subnets

Required software is installed in WebSAMS server

Apache

Jboss & JRE (Java)

Sybase SQL Anywhere 16

Crystal Server 2013

Anti-Virus Software & Backup Software

All WebSAMS network cards must be connected to WebSAMS network only

Network Designs in WebSAMS

Internet Gateway

Separate Internet and ITED

2 interfaces - one for real IP and another for internal IP

Support NAT (Network Address Translation), i.e. access from Internet to ITED

What is NAT?

Network Address Translation (NAT)

Translate the IP address from one network to another network

Typically one is inside and one is outside

Port mapping function

HTTP Server

HTTP server is simply a relay server which forwards all the requests to the WebSAMS server

The HTTP server itself does not store any data

WebSAMS Router

WebSAMS Router (cont’d)

WebSAMS Router ( between WebSAMS and ITED )

*Block all unnecessary network traffic

*Only allow specific network services and TCP ports

HTTP Server connects to WebSAMS server

Using TCP 8009 for production, TCP 7009 for training, TCP 8109 for 1 server 2 WebSAMS

WebSAMS server can access Internet without passing through proxy

TCP 80 (HTTP), TCP 443 (HTTPS), TCP/UDP 53 (DNS), TCP 25 (SMTP), TCP 110 (POP3)

Network and Server Configuration

WebSAMS LAN segment accesses Internet

Access Internet directly, not through the Proxy server

Involved equipment

WebSAMS router

Internet Gateway

ISP

Network Settings on WebSAMS server

Under WebSAMS server

DHCP server setup

DNS server setup

DHCP server setup

Start > Administrative Tools > DHCP

Internal DNS setup

Start > Administrative Tools > DNS

Router Config

Modified default route

Example:

ip route 0.0.0.0 0.0.0.0 10.128.15.253

ACL modification

Example:

access-list 101 permit tcp any 10.128.30.0 0.0.0.255 gt 1023 established

access-list 101 permit udp any 10.128.30.0 0.0.0.255 gt 1023

access-list 101 permit icmp any 10.128.30.0 0.0.0.255 echo-reply

access-list 101 permit icmp any host 10.128.30.150 packet-too-big

access-list 101 permit tcp host 172.16.0.150 host 10.128.30.150 eq 8009

access-list 101 permit tcp host 172.16.0.150 host 10.128.30.150 eq 7009

access-list 101 deny ip any any log
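The ACL above is evaluated top-down with the first matching entry deciding the outcome. The following Python sketch is an added example, not part of the seminar material: it parses the seven entries as printed and runs constructed sample packets through them. The packet fields, the host 172.16.0.77 and the 203.0.113.x address are assumptions made for illustration.

```python
from ipaddress import IPv4Address

# ACL 101 exactly as printed on the "Router Config" slide.
ACL_101 = """\
access-list 101 permit tcp any 10.128.30.0 0.0.0.255 gt 1023 established
access-list 101 permit udp any 10.128.30.0 0.0.0.255 gt 1023
access-list 101 permit icmp any 10.128.30.0 0.0.0.255 echo-reply
access-list 101 permit icmp any host 10.128.30.150 packet-too-big
access-list 101 permit tcp host 172.16.0.150 host 10.128.30.150 eq 8009
access-list 101 permit tcp host 172.16.0.150 host 10.128.30.150 eq 7009
access-list 101 deny ip any any log
"""

# ICMP names used by this ACL -> (type, code); code None means any code.
ICMP_NAMES = {"echo-reply": (0, None), "packet-too-big": (3, 4)}


def _take_addr(tok):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(IPv4Address(tok.pop(0))), 0
    return int(IPv4Address(first)), int(IPv4Address(tok.pop(0)))


def _take_port(tok):
    if tok and tok[0] in ("eq", "gt", "lt"):  # optional port test
        return tok.pop(0), int(tok.pop(0))
    return None


def parse_acl(text):
    aces = []
    for line in text.strip().splitlines():
        tok = line.split()[2:]  # drop "access-list 101"
        ace = {"action": tok.pop(0), "proto": tok.pop(0)}
        ace["src"], ace["sport"] = _take_addr(tok), _take_port(tok)
        ace["dst"], ace["dport"] = _take_addr(tok), _take_port(tok)
        ace["icmp"] = ICMP_NAMES[tok.pop(0)] if tok and tok[0] in ICMP_NAMES else None
        ace["established"] = "established" in tok
        aces.append(ace)
    return aces


def _addr_ok(spec, addr):
    base, wild = spec  # wildcard bits set to 1 are "don't care"
    return (int(IPv4Address(addr)) | wild) == (base | wild)


def _port_ok(spec, port):
    if spec is None:
        return True
    op, n = spec
    return port is not None and {"eq": port == n, "gt": port > n, "lt": port < n}[op]


def matches(ace, pkt):
    if ace["proto"] not in ("ip", pkt["proto"]):
        return False
    if not (_addr_ok(ace["src"], pkt["src"]) and _addr_ok(ace["dst"], pkt["dst"])):
        return False
    if not (_port_ok(ace["sport"], pkt.get("sport")) and _port_ok(ace["dport"], pkt.get("dport"))):
        return False
    if ace["icmp"]:
        itype, icode = ace["icmp"]
        if pkt.get("icmp_type") != itype or icode not in (None, pkt.get("icmp_code")):
            return False
    # "established" only tests for ACK or RST in the segment; no state is kept.
    return not ace["established"] or bool(set(pkt.get("flags", "")) & {"A", "R"})


def evaluate(aces, pkt):
    """First match wins; returns (action, 1-based entry number)."""
    for number, ace in enumerate(aces, 1):
        if matches(ace, pkt):
            return ace["action"], number
    return "deny", 0  # implicit deny that ends every ACL


# Constructed packets; 172.16.0.77 and 203.0.113.10 are made-up addresses.
SAMPLES = {
    "http_server_8009_syn": dict(proto="tcp", src="172.16.0.150", dst="10.128.30.150", dport=8009, flags="S"),
    "http_server_8109_syn": dict(proto="tcp", src="172.16.0.150", dst="10.128.30.150", dport=8109, flags="S"),
    "other_host_8009_syn": dict(proto="tcp", src="172.16.0.77", dst="10.128.30.150", dport=8009, flags="S"),
    "reply_synack": dict(proto="tcp", src="203.0.113.10", dst="10.128.30.20", sport=443, dport=50000, flags="SA"),
    "bare_ack_8009": dict(proto="tcp", src="172.16.0.77", dst="10.128.30.150", dport=8009, flags="A"),
    "echo_request": dict(proto="icmp", src="172.16.0.77", dst="10.128.30.150", icmp_type=8, icmp_code=0),
    "echo_reply": dict(proto="icmp", src="203.0.113.10", dst="10.128.30.20", icmp_type=0, icmp_code=0),
}

if __name__ == "__main__":
    acl = parse_acl(ACL_101)
    for name, pkt in SAMPLES.items():
        print(f"{name:22} -> {evaluate(acl, pkt)}")
```

The `bare_ack_8009` case is permitted by entry 1 because `established` inspects TCP flags only, which is why the host firewall on the WebSAMS server still matters. The ACL as printed also carries no entry for TCP 8109, so that port falls through to the final deny.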

Security and Maintenance

Best practices

Best practices on protection and export of data from WebSAMS:

Proper Access Control

Data Encryption

Password Handling

Disable remote desktop service in WebSAMS server at “Control Panel > System > Advanced System Settings > Remote tab”

Patch update

Update security patches of Windows Server 2012R2

Install major Windows patches for Windows Servers only after testing by EDB as announced via WebSAMS Release Notes / CDR message from time to time

Enable real time protection & update virus pattern on Anti-virus program (including all servers and workstations)

Update IOS (Cisco) or firmware on WebSAMS Router (Consult hardware vendor)

Command “starthsp” can be completed successfully in HTTP server

Data Security

Disconnect any shared folder on WebSAMS Server

Data Security (cont'd)

NAS should be connected to WebSAMS Server with a cross-over ethernet cable. Do not connect NAS device to the WebSAMS network switch.

Exposure of any sensitive export data to any public machine, such as student & guardian personal info, staff personal info, financial report, etc. is not recommended.

Keep an offline and offsite backup

Data Security (cont'd)

Keep original basic network setting in WebSAMS unchanged. For example:

Do not connect WebSAMS Server to the ITED network switch or firewall directly.

Do not connect WebSAMS HTTP Server to the WebSAMS network switch.

Do not connect NAS device to WebSAMS network switch.

Do not connect Internet cable from ISP to WebSAMS Server.

Data Security (cont'd)

To protect against leakage of sensitive data, schools are advised to:

ensure that users can only import and export system data when they are authorized to do so and appropriate measures have been taken.

maintain accuracy, integrity and consistency of system data when importing data to WebSAMS.

take all feasible measures so as to ensure the personal data collected by data users are protected against unauthorized or accidental access, processing, erasure or use.

Resources on IT Security of WebSAMS

IT Security in Schools – Recommended Practice (ITSS):

Path: EDB Webpage > Education System and Policy > Primary and Secondary School Education > Applicable to Primary and Secondary School > IT in Education > On-going Support

Security Guides & Checklist for WebSAMS:

Path: http://cdr.websams.edb.gov.hk > 主頁 (Home) > 參考資料 (Reference Materials) > 保安及處理敏感數據指引 (Guidelines on Security and Handling of Sensitive Data)

WebSAMS Version Upgrade release note:

Path: http://www.websams.edb.gov.hk > Version Upgrade for 3.0 > Major Upgrade

Resources on IT Security of WebSAMS (cont’d)

Security reminders in security alert from EDB from time to time

Path: EDB Website > Education System and Policy > Primary and Secondary School Education > Applicable to Primary and Secondary School > IT in Education

Regularly visit the Information Security website of HKSAR for updated information on IT security

http://www.infosec.gov.hk

Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

https://www.hkcert.org

Internet Security

Only open WebSAMS to Internet access for a specific period when necessary:

1. Restrict the time for accessing WebSAMS from clients outside SAMS LAN segment at “Security > Configuration > System Configuration”

Internet Security (cont'd)

2. Set up specific “Internet Access Time Profile” to further control the access time for particular user clients outside SAMS LAN segment at “Security > Access Control > Internet Access Time Profile”

New function in WebSAMS: Security Check

New function in WebSAMS version 3.0.0.29082017

The Security Check function scans basic settings in:

HTTP server

WebSAMS server

WebSAMS router

Type command [starthsp] in HTTP server to update it before the first check

New function in WebSAMS: Security Check (cont'd)

1. The Security Check function can be enabled or disabled.

2. Set the scanning time for scheduled daily security check.

New function in WebSAMS: Security Check (cont'd)

3. Provide supplementary information of Windows Server 2012 Settings in WebSAMS Server.

4. Click “Save” to save the setting or “Save & Perform Scanning” for an ad-hoc scan.

New function in WebSAMS: Security Check (cont'd)

5. Click “Report Repository” to go to the page to view all reports generated.

6. Summary of the latest check will be listed.

New function in WebSAMS: Security Check (cont'd)

7. If the checkbox is checked, a notification will be displayed after you log into WebSAMS when an exception report is generated.

New function in WebSAMS: Security Check (cont'd)

Exception Report Summary

Details

Note

New function in WebSAMS: Security Check (cont'd)

The Security Check function helps schools check the basic system security settings of WebSAMS

Tips on using the new function:

Schools should also conduct manual checking using the System Security Setting Checklist for WebSAMS on a regular basis as well as on a need basis

Schools should properly keep the completed checklist for record purposes

New feature in WebSAMS: Encrypt Export Files

New feature of encrypting export files is provided in WebSAMS version 3.0.0.25042017

To avoid repeated warning messages when decrypting the exported files, trust the school WebSAMS URL in IE:

In IE11 of Windows 7: ALT+T > Internet Options > Security tab > Local Intranet > [Sites] > Input {School WebSAMS URL} > [Add]

In IE11 of Windows 10: ALT+T > Internet Options > Security tab > Trusted sites > [Sites] > Input {School WebSAMS URL} > [Add]

WebSAMS Server Security

OS Hardening Setting and Security Best Practices:

1. Local Security Policy

Start -> Control Panel -> Administrative Tools -> Local Security Policy

In Account Policies -> Account Lockout Policy, set Account lockout threshold to “3” invalid logon attempts

Set Account lockout duration and also Reset account lockout counter after to “30 minutes”.

WebSAMS Server Security (cont'd)

In Local Policies -> Audit Policy

Set Audit object access security setting to “Failure” and also set Audit system events security setting to “Success”

More policy settings in Appendix 8 of Installation Guidelines for WebSAMS 3.0
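The lockout and audit settings above can be verified from a policy export instead of by clicking through the console. The following Python sketch is an added example, not part of the seminar material: it parses the INF text produced by `secedit /export /cfg <file>` and reports every value that differs from the settings on these slides. The sample export is constructed, and treating “Failure” and “Success” as "that audit bit is enabled" is an assumption of this example.

```python
# Constructed excerpt in the format written by `secedit /export /cfg <file>`.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 8
LockoutBadCount = 5
ResetLockoutCount = 30
LockoutDuration = 30
[Event Audit]
AuditSystemEvents = 0
AuditObjectAccess = 3
[Version]
signature="$CHICAGO$"
Revision=1
"""

# Audit values are bit flags: 0 none, 1 success, 2 failure, 3 both.
SUCCESS, FAILURE = 1, 2

# (section, key, setting as worded on the slides, test on the integer value)
BASELINE = [
    ("System Access", "LockoutBadCount",
     "Account lockout threshold: 3", lambda v: v == 3),
    ("System Access", "LockoutDuration",
     "Account lockout duration: 30 minutes", lambda v: v == 30),
    ("System Access", "ResetLockoutCount",
     "Reset account lockout counter after: 30 minutes", lambda v: v == 30),
    ("Event Audit", "AuditObjectAccess",
     "Audit object access: Failure", lambda v: bool(v & FAILURE)),
    ("Event Audit", "AuditSystemEvents",
     "Audit system events: Success", lambda v: bool(v & SUCCESS)),
]


def parse_inf(text):
    """Return {section: {key: value}} for a secedit-style INF export."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return sections


def check_policy(text):
    """Return a list of (key, found, expected) for every deviation."""
    sections = parse_inf(text)
    findings = []
    for section, key, expected, ok in BASELINE:
        raw = sections.get(section, {}).get(key)
        try:
            value = int(raw)
        except (TypeError, ValueError):
            # Key absent or not numeric, e.g. lockout keys when lockout is off.
            findings.append((key, "not set", expected))
            continue
        if not ok(value):
            findings.append((key, value, expected))
    return findings


def load_export(path):
    """Read a real export; secedit writes the file as UTF-16."""
    with open(path, encoding="utf-16") as fh:
        return fh.read()


if __name__ == "__main__":
    for key, found, expected in check_policy(SAMPLE_INF):
        print(f"{key}: found {found}, expected {expected}")
```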

WebSAMS Server Security (cont'd)

2. User account management

Disable / delete all unused Login Accounts of Windows Server and WebSAMS Application

Start -> Control Panel -> Administrative Tools -> Computer Management -> System Tools -> Local Users and Groups -> Users -> Administrator

On the General tab of ALL user accounts properties, uncheck the Password never expires checkbox.

WebSAMS Server Security (cont'd)

3. Enable Screen Saver Timeout

WebSAMS Server

Similar settings also apply to WebSAMS workstation/ITED workstation if accessing WebSAMS

Start -> Control Panel -> Display > Change screen saver

WebSAMS Server Security (cont'd)

4. Enable Windows Firewall

Start -> Control Panel -> Windows Firewall > Advanced settings

Inbound Rules > New Rule…

Rule Type > Port

Protocol and Ports > TCP > Specific local ports:

80, 443, 8009, 7009, 3268, 7010, 7268 (Add 8109 & 9268 for 1 Server 2 WebSAMS only)

Action > Allow the connection

Profile > Domain, Private & Public

Name > WebSAMS > Finish

5. Apply Latest Security patch of WebSAMS

Backup of Data

Backup

** Reminder: Importance of Off-Line Backup

WebSAMS Backup Schedule: Pre-backup, Backup, Post-backup

From about 00:00 am to 06:00 am

Flow of Scheduled Backup:

Stop WebSAMS engine

Backup

Housekeep WebSAMS application log files

Start WebSAMS engine

Encryption of backup images

Backup Job Workflow

Pre-backup

D:\WebSAMS3.0\batch\pre_backup.bat

Running 15 mins

Stop JBoss, database, Apache

Make copy of WebSAMS data to E:\data\<SUID>\database\sched

Page 64: Seminar on Server, Network and Security for WebSAMS Network is a private and separated network, isolated from ITED Network ... Required software is installed in WebSAMS server Apache

Sep 2017 Server, Network & System Security Management Seminar for WebSAMS A - 64

Backup Rotation Configuration Backup of Data

Backup Rotation Configuration (cont’d)

After the time of scheduled job – Pre_backup.bat

Post-backup

D:\WebSAMS3.0\batch\post_backup.bat

Housekeep Apache log files: D:\WebSAMS3.0\Apache\logs\

Housekeep WebSAMS server log files (older than 30 days): D:\WebSAMS3.0\JBoss-as-7.1.1.Final\standalone\log

Housekeep CDS log (more than 30 days): E:\data\CDS\<dest_id>\system\log\

Housekeep report temp log files: E:\data\<SUID>\rpt\temp

Start database, JBoss, Apache

Backup on HTTP Server

Back up WebSAMS HTTP server (SUSE Linux Enterprise 11) settings to a USB drive or a floppy drive

Use command “httpconfig”

Or use command “fdisk -l” to check the USB device name, e.g. sda1, sda2 or sdb1, etc.

Use command “grepconfig” / “grepconfig /dev/{USB device name}”. (For 1 Server 2 WebSAMS environment, use “grepconfig_1s2s”)

Run the command when the HTTP server is running in good condition

Those files can be copied to any Windows storage for backup purposes

Backup on HTTP Server (cont'd)

Step 1: Log in to the HTTP server as root

Step 2: Type command “httpconfig”, or “grepconfig /dev/sda1”

Step 3: Press “Y” in the following screen

Step 4: Press “0” if all information is correct

Step 5: Press “Y” to confirm in the following screen

Logs Checking

Logs checking

Windows Event Viewer log

Control Panel > Administrative Tools > Event Viewer

Apache log

D:\WebSAMS3.0\Apache\logs\

access.log-<dd-MM-yyyy> (HTTP request log)

errors.log-<dd-MM-yyyy> (error log)

Virus scanning log

Backup software log

Logs checking (cont'd)

Local backup log

To check whether the pre-backup tasks have been run successfully (E:\data\<SUID>\Log\DB\backup.log)

Logs checking (cont'd)

JBoss Server Log: D:\WebSAMS3.0\JBoss-as-7.1.1.Final\standalone\log\server.log

Log entry fields: Time Stamp, Severity, Message

Logs checking (cont'd)

WebSAMS Upgrade Logs

E:\temp\wsup1\<yyyyMMdd.HHmm>\*

E:\temp\wsup2\<yyyyMMdd.HHmm>\*

(For 2nd instance of 1 Server 2 WebSAMS)

E:\temp\training\<yyyyMMdd.HHmm>\*

Files and directories are saved under the <yyyyMMdd.HHmm> folder, and the latest folder should be kept for tracking purposes.

Logs checking (cont'd)

WebSAMS HTTP Linux Server

Apache log (/var/log/apache2/access_log_80, 443, 7010)

Error log (/var/log/apache2/error_log_80, 443, 7010)

System log (/var/log/messages)

Virus scan log (/var/log/TrendMicro/SProtectLinux/Virus.yyyyMMdd.####)
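One way to review the per-port Apache access logs listed above, as an added example that is not part of the seminar material: it counts 4xx/5xx responses per client so repeated failures stand out. The file names access_log_80, access_log_443 and access_log_7010, the common/combined log format, the function names and the sample lines are assumptions.

```shell
#!/bin/sh
# Added example, not part of the seminar material.
# Assumption: the logs use Apache's common/combined format, i.e.
#   client - user [time] "request" status bytes ...

# failed_by_client: read access-log lines on stdin and print "count client"
# for every client that received 4xx/5xx responses, busiest first.
# Lines without a three-digit status after the quoted request are counted
# under the pseudo-client UNPARSED instead of being silently dropped.
failed_by_client() {
    awk -F'"' '
        {
            split($1, head, " ")    # head[1] = client address
            split($3, tail, " ")    # tail[1] = status code
            if (tail[1] !~ /^[1-5][0-9][0-9]$/) { bad++; next }
            if (tail[1] + 0 >= 400) fail[head[1]]++
        }
        END {
            for (client in fail) print fail[client], client
            if (bad) print bad, "UNPARSED"
        }' | LC_ALL=C sort -k1,1nr -k2,2
}

# review_http_logs [DIR]: run the summary over the three per-port logs.
# Assumed file names: access_log_80, access_log_443, access_log_7010.
review_http_logs() {
    dir=${1:-/var/log/apache2}
    for port in 80 443 7010; do
        log="$dir/access_log_$port"
        echo "== $log"
        if [ -r "$log" ]; then
            failed_by_client < "$log"
        else
            echo "not readable"
        fi
    done
}

# Constructed sample lines (documentation addresses, invented requests).
sample_access_log() {
    cat <<'EOF'
198.51.100.7 - - [04/Sep/2017:09:15:01 +0800] "GET /login HTTP/1.1" 401 512
198.51.100.7 - - [04/Sep/2017:09:15:02 +0800] "GET /login HTTP/1.1" 401 512
198.51.100.7 - - [04/Sep/2017:09:15:03 +0800] "GET /admin HTTP/1.1" 403 298
203.0.113.20 - - [04/Sep/2017:09:16:10 +0800] "GET / HTTP/1.1" 200 4096
203.0.113.20 - - [04/Sep/2017:09:16:12 +0800] "GET /missing page HTTP/1.1" 404 210
192.0.2.33 - - [04/Sep/2017:09:17:00 +0800] "-" 408 -
truncated line without a request field
EOF
}

# Demo on the constructed sample; on the server run: review_http_logs
sample_access_log | failed_by_client
```
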

Logs checking (cont'd)

Linux System Log

/var/log/messages

/var/log/

Logs checking (cont'd)

All logs in anti-virus: https://websams.school.edu.hk:14943

Virus Logs, Spyware Logs, Scan Logs & System Logs

/var/log/TrendMicro/SProtectLinux/

Hardware Firewall Log Screen

Change password

Change passwords on a regular basis:

OS System administrator

WebSAMS login accounts including “sysadmin” and “asysadmin”

HTTP root account

Trouble-shoot Case Studies

General trouble-shoot ( Helpdesk issues )

10 general issues frequently received by WebSAMS Helpdesk:

1. ITED / Internet cannot access WebSAMS

2. Unable to connect CDS

3. Unable to back up

4. ITED-access becomes Internet-access

5. WebSAMS-access becomes ITED-access

6. How to setup WebSAMS client PC?

7. How to install WebSAMS root certificate on ITED or Internet client PC?

8. Generate report problem

9. Fonts problem

10. Version upgrade problem

1. ITED / Internet cannot access WebSAMS

Double-check whether WebSAMS has been started

Test whether the WebSAMS segment works or not

Check whether the ITED client PC resolves the IP correctly (DNS problem / DHCP problem)

Proxy client

Check using “Internet Explorer” on the ITED client PC

Check whether the ITED client PC uses a proxy in IE

Confirm whether the HTTP server has been started up and the ‘Pass Phrase’ has been entered

Idle 25 seconds > rcapache2 restart

On the HTTP server, do the test by typing: telnet <WebSAMS_server_IP> 8009

1. ITED / Internet cannot access WebSAMS ( cont’d )

Success Sample

Failure Sample

1. ITED / Internet cannot access WebSAMS ( cont’d )

If it succeeds, it must be an ITED segment problem

If it fails, it could be:

HTTP server crash

HTTP server wrong setting

WebSAMS’s router wrong setting (or reset)

School firewall setting, if the HTTP server is in the DMZ

If it can load the SSL prompt, that means HTTP is running smoothly.

Otherwise, it may be an HTTP setting or router setting problem

1. ITED / Internet cannot access WebSAMS ( cont’d )

ITED can access WebSAMS successfully but Internet cannot. The problem is due to:

Hosting registration of WebSAMS domain name in Internet

Internet Gateway problem (port mapping)

HTTP server’s Default Gateway setting is wrong

It should be set to the Internet Gateway which performs port mapping

Type “route” in Linux command line to show the default gateway setting
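The default-gateway check described above, as an added example that is not part of the seminar material: it parses `route -n` (or `route`) output and compares the default route with the gateway you expect. The function names and the 192.0.2.x sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of the seminar material.
# Addresses in 192.0.2.0/24 are constructed documentation values.

# default_routes: read `route -n` (or `route`) output on stdin and print
# "gateway interface" for every default route. Assumed column order:
# Destination Gateway Genmask Flags Metric Ref Use Iface.
default_routes() {
    awk '($1 == "0.0.0.0" || $1 == "default") && $3 == "0.0.0.0" && $4 ~ /G/ {
             print $2, $NF
         }'
}

# check_default_gateway EXPECTED_GW
# Reads the routing table on stdin, prints one verdict line, and returns
# 0 only when exactly one default route exists and it uses EXPECTED_GW.
check_default_gateway() {
    expected=$1
    routes=$(default_routes)
    count=$(printf '%s\n' "$routes" | awk 'NF { n++ } END { print n + 0 }')

    if [ "$count" -eq 0 ]; then
        echo "MISSING: no default route configured"
        return 2
    fi
    if [ "$count" -gt 1 ]; then
        echo "AMBIGUOUS: $count default routes: $(printf '%s\n' "$routes" | tr '\n' ';')"
        return 3
    fi

    actual=${routes%% *}    # first word: gateway address
    iface=${routes##* }     # last word: interface name
    if [ "$actual" = "$expected" ]; then
        echo "OK: default gateway $actual via $iface"
        return 0
    fi
    echo "MISMATCH: default gateway is $actual via $iface, expected $expected"
    return 1
}

# Constructed sample: the default route points at 192.0.2.254, while the
# Internet Gateway that performs port mapping is assumed to be 192.0.2.1.
sample_wrong_gateway() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.0.2.254     0.0.0.0         UG    0      0        0 eth0
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
EOF
}

# Demo on the constructed sample. On the HTTP server itself:
#   route -n | check_default_gateway <Internet_Gateway_IP>
sample_wrong_gateway | check_default_gateway 192.0.2.1 || true
```
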

2. Unable to connect CDS

It may be caused by:

Network connection of WebSAMS server has been broken for a short period

Wrong URL of the Primary and Secondary CDS Extensions in WebSAMS at “CDS > Transmission > Schedule Transmission”

Wrong Internet Gateway setting

Wrong WebSAMS router setting

In WebSAMS server, try to connect to the Internet without passing through proxy:

Go to www.hsbc.com.hk, then click “logon” to test whether https URL works or not;

Try to ping: cdsx1.websams.edb.gov.hk and cdsx2.websams.edb.gov.hk / websams.cds.edb.gov.hk (Auto-update CDS message: URLs of CDS extension and CDS certificate)

If fail, it may be DNS problem

2. Unable to connect CDS ( cont’d )

Nearly 95% of network problems with the message “Unable to connect CDS” could not pass the following testing.

e.g. Internet Gateway did not allow WebSAMS server to access the Internet

e.g. WebSAMS router setting had a wrong ACL or wrong default route

A very special case may happen in which CDS can send but cannot receive messages. Under our investigation, it may be caused by the ISP and network setting

Solution:

Implement “packet-too-big” into router setting

3. Unable to back up

Hardware failure or no free hard disk space in NAS

Besides, over 95% of cases are due to the following 3 reasons:

1. Backup task is configured wrongly

2. Backup task takes so much time that post_backup starts earlier than estimated

3. The administrator password in the system is not synchronized with the one in the backup batch jobs

For case 3 above, we need to:

Change the password in pre_backup, post_backup

Change the password in Backup software

All password settings must be the same as the system administrator password

4. ITED-access becomes Internet-access

Internal DNS setting

Proxy client?

Client PC using proxy in IE?

Trouble-shoot:

Ping URL in command prompt, check what IP is resolved

It should be HTTP internal IP

In one very extreme case:

The school places HTTP in DMZ

The school Internet gateway changes the source IP, i.e. SNAT in Linux

5. WebSAMS-access becomes ITED-access

Make sure the WebSAMS version is 3.0.0.28082015 or above

Internal DNS setting

Proxy client?

Client PC / WebSAMS server using proxy in IE?

Trouble-shoot:

Ping URL in Command Prompt, check what IP is resolved

It should be WebSAMS server IP

2 Ethernet ports in WebSAMS server:

In Command Prompt, enter ‘ipconfig /all’. The first IP address should be the private IP of WebSAMS server. If the first IP address is the one connecting to the NAS, swap the Ethernet cables and the Internet Protocol (TCP/IP) settings between the WebSAMS interface and the NAS interface.

4 Ethernet ports in WebSAMS server:

Make sure the primary Ethernet port connects to the WebSAMS segment and does not connect to the NAS

Make sure the primary Ethernet port matches the one in the BIOS setup (motherboard setup)

6. How to setup WebSAMS client PC?

OS requires Windows 7 or above

Adobe Reader 10.0 or above supports Windows 7/8/10

Enable Hong Kong Supplementary Character Set (HKSCS) in Windows 7/8/10, refer to the 9th question

WebSAMS supports IE:

Windows 7 SP1 + IE11

Windows 8.1 Update + IE11

Windows 10 + IE11 (Microsoft Edge is not compatible with WebSAMS)

6. How to setup WebSAMS client PC?

How to find IE11 on Windows 10?

Start menu > Windows Accessories > Internet Explorer

Search “IE” > Internet Explorer

6. How to setup WebSAMS client PC? ( cont’d )

SAP Crystal Reports 2013 ( full installation )

SAP Sybase SQL Anywhere 16 ODBC Driver (32-bit)

How to get ODBC Driver ?

Available in the installation CD of SAP Sybase SQL Anywhere 16

Driver Installation: Databases > SQL Anywhere (32-bit) > SQL Anywhere client

6. How to setup WebSAMS client PC? ( cont’d )

Configure ODBC Setting:

For 32-bit Windows: Control Panel > Administrative Tools > Data Sources (ODBC)

6. How to setup WebSAMS client PC? ( cont’d )

Configure ODBC Accounts:

For 64-bit Windows: Type “ODBC” in the search field of Windows Start menu > ODBC Data Sources Administrator (32-bit)

7. How to install WebSAMS root certificate on ITED or Internet client PC?

Install WebSAMS Root Certificate on Windows 7/8/10

7. How to install WebSAMS root certificate on ITED or Internet client PC? ( cont’d )

Verification of root certificate in Internet Explorer

Tools (Alt+T) > Internet Options > Content tab

8. Generate report problem

Checking Crystal Reports Server

SAP BusinessObjects Central Configuration Manager

Apache Tomcat for BI 4

Server Intelligence Agent

8. Generate report problem ( cont’d )

SAP BusinessObjects Central Management Console (CMC)

http://localhost:8080/BOE/CMC/ or http://127.0.0.1:8080/BOE/CMC/

8. Generate report problem ( cont’d )

Add parameters “ -ipport 1566 -reportdirectory E:\Data”

8. Generate report problem ( cont’d )

Other cases:

Check WebSAMS server computer name

Is it equal to the sub-domain name in the URL?

If the sub-domain name is websams-am.schabc.edu.hk, then the WebSAMS server computer name should be “websams-am”

The report is generated from customized template

Restart JBoss

Try to generate built-in template first

If it succeeds:

Customized template problem

If it fails:

Download “Points to Note for Upgrading of WebSAMS 3.0 (Sybase and Crystal Reports)” from “http://cdr.websams.edb.gov.hk > 主頁 (Home) > 2014 提升「網上學校行政及管理系統」參考資料 (2014 WebSAMS upgrade reference materials)”

Contact help desk for further investigation

8. Generate report problem ( cont’d )

Update any user-customized report in WebSAMS 3.0

Open Data Sources (ODBC)

For 32-bit Windows: Control Panel > Administrative Tools

For 64-bit Windows: Type “ODBC” in the search field of Windows Start menu > ODBC Data Sources Administrator (32-bit)

8. Generate report problem ( cont’d )

Input an ODBC login account on the WebSAMS workstation for connecting to WebSAMS database, such as “genuser”, “fmpuser” or “stfuser”

Verify database in Crystal Reports on WebSAMS workstation

8. Generate report problem ( cont’d )

Remove the User ID and leave it blank

8. Generate report problem ( cont’d )

Click “OK” several times

8. Generate report problem ( cont’d )

Unable to open customized report template by Crystal Reports 2013.

Open it by Crystal Reports 9

Delete any duplicate parameter field(s) in Field Explorer

8. Generate report problem ( cont’d )

Verify the SQL syntax of the user-customized report templates

For details, please refer to http://cdr.websams.edb.gov.hk > 主頁 (Home) > 2014年提升「網上學校行政及管理系統」參考資料 (2014 WebSAMS upgrade reference materials) > 10. Points to Note for Upgrading of WebSAMS 3.0 (Sybase and Crystal Reports)

9. Fonts problem

The font in WebSAMS Server is corrupted

Cannot display HKSCS fonts in WebSAMS report (.PDF)

If the size of the “MingLiU.TTC” font file is not 26M:

1. Reboot the WebSAMS Server and press F8 key during startup to enter Windows Safe Mode;

2. Right-click the bottom left Windows Start button and select “Command Prompt (Admin)”;

3. Type the command "takeown /f C:\Windows\Fonts\mingliu.ttc" and press ENTER key;

4. Type the command "icacls C:\Windows\Fonts\mingliu.ttc /grant administrators:F" and press ENTER key;

5. Type the command "ren C:\Windows\Fonts\mingliu.ttc mingliu.bak" and press ENTER key;

6. Type the command "exit" and press ENTER key to close the Command Prompt window;

7. Copy the font file from D:\WebSAMS3.0\batch\utilities to C:\Windows\Fonts

8. Reboot the WebSAMS Server to Windows Normal Mode and start WebSAMS services.

Don’t install any Government HKSCS on WebSAMS Server.

9. Fonts problem ( cont’d )

Enable HKSCS (Hong Kong Supplementary Character Set) on Workstation

Cannot display HKSCS fonts in WebSAMS report (.XLS / .DOC)

Windows 7, 8 & 10 have built-in support for HKSCS-2004 with ISO 10646/Unicode code allocation scheme.

10. Version Upgrade Problem

WebSAMS version <> DB version

Caused by unsuccessful WebSAMS upgrade

Solution WebSAMS Java version cannot be upgraded

Recover files from E:\temp\wsup1\<the latest folder>\backup\

Contact Helpdesk to get the instruction

10. Version Upgrade Problem ( cont’d )

If database is running, execute the < 2. Start Database > again…

The following error will be prompted:

WebSAMS Helpdesk Scope

WebSAMS Application enquiry

Modules maintenance

General usage enquiries

WebSAMS Technical enquiry

Focus on WebSAMS Application

Resources

WebSAMS Central Document Repository: http://cdr.websams.edb.gov.hk

WebSAMS System Manual:

(AOM) http://www.websams.edb.gov.hk/chi/newschool/newschool_c.html > 其他相關資料 (Other Related Information)

(COPM) http://www.websams.edb.gov.hk/chi/newschool/newschool_c.html > 其他相關資料 (Other Related Information)

(UM) http://cdr.websams.edb.gov.hk > 主頁 (Home) > 系統文件 (System Documents) > 用戶手冊 (User Manual)

WebSAMS Forum: WebSAMS Central Document Repository > 主頁 (Home) > 相關網頁連結 (Related Links) > 香港教育城校管系統討論區 (HKEdCity WebSAMS Discussion Forum), or http://forum.hkedcity.net/forumdisplay.php?fid=71

WebSAMS Helpdesk: Hotline: 3125-8510

Fax: 3125-8999

E-mail: [email protected]

Leave your School ID, contact person and contact number

CDR Website

WebSAMS Forum (cont’d)

Q & A Session

The End