Deployment of YSoft SafeQ Client v3

Folder structure

Following is what the folder structure looks like for the deployed YSoft SafeQ Client v3.

YSoft SafeQ Client folder structure
[Client Installation Path]
├── JobStore
└── versions
├── latest // Symlink to the latest version, system services use this to always target latest version
└── 9.9.9
├── configuration
├── logs
└── ...

Installation instructions for macOS workstations:

The client application package contains the installation script install.rb. Two components will be installed: YSoft SafeQ Spooler service (com.ysoft.safeq.spooler) and YSoft SafeQ Client (com.ysoft.safeq.client).

Installation deploys three print queues. You can change their drivers and use any of them. The script has the following arguments:

Argument

Description

Required

Default value

Example

--install-path

The path where the YSoft SafeQ Spooler will be installed.

no

/Library/Application Support/YSoft.Spooler


--siteserver-sources

Sources from which the list of Site Servers should be loaded. Currently values "Local" and "JobService" are supported.

"Local" - client will include Site Servers from its local configuration file into its Site Server selection pool

"JobService" - client will include Site Servers from configuration provided by Job Service into its Site Server selection pool

no

no

local,jobservice

--enable-manual-siteserver-selection

User can manually choose the site server the client will connect to.

no

Manual Site Server selection by user is DISABLED.


--siteserver-hosts

Comma-separated list of IP addresses or hostnames of the server where YSoft SafeQ Job Service is installed. The spooler will connect to the first one and if it is not available it will randomly select from the rest.

yes

NONE

10.0.10.50,10.0.10.51

--siteserver-aliases

Comma-separated list of aliases of the Site Server hosts. They have to be in the same order as Site Server hosts.

no

NONE

eva,merlin

--jobservice-ports

Comma-separated list of ports where YSoft SafeQ Job Service listens. They have to be in the same order as Site Server hosts.

no

5000 (for all Site Servers)

5000,5000

--serverspooler-ports

Comma-separated list of ports where YSoft SafeQ Spoolers in Server mode listen. They have to be in the same order as Site Server hosts.

no

5002

5002,5002

--ipp-port

Port where the YSoft SafeQ Spooler will listen for print jobs sent through IPP.

no

5631

5631

--ipps-port

Port where the YSoft SafeQ Spooler will listen for print jobs sent through IPPS.

no

NONE

9000

--ipps-certificate-path

Path to the certificate that will be used to enable receiving print jobs through IPPS.

no

NONE


--ipps-certificate-password

Password for the certificate that will be used to enable receiving print jobs through IPPS.

no

NONE


--lpr-port

Port where the YSoft SafeQ Spooler will listen for print jobs sent through LPR.

no

5515

5515

--skip-print-queues

Switch which will disable the installation of default print queues.

no

Installation of default print queues is enabled.


--force

Switch which forces the installation, it will overwrite any existing files.

no

Files will not be overwritten.


--disable-certificate-validation

Switch which disables YSoft SafeQ Client's validation of HTTPS certificates. Using this switch will severely decrease the security because the client will communicate with the server which does not have a valid certificate.

no

Certificate validation is enabled.


--spooler-mode

The mode in which the spooler will be running. The possibilities are "Server" for server mode, "ClientSpooling" for client with spooling and "ClientNonSpooling" for client without spooling.

no

ClientSpooling

ClientSpooling

--https-certificate-store-location

Store location of the certificate used for HTTPS in "Server" mode. The possibilities are "LocalMachine" and "CurrentUser".

in "Server" mode

NONE

LocalMachine

--https-certificate-store-name

Store name of the certificate used for HTTPS in "Server" mode. The possibilities are "My" and "Root".

in "Server" mode

NONE

My

--https-certificate-thumbprint

Thumbprint of the certificate used for HTTPS in "Server" mode.

in "Server" mode

NONE

2E69C921F3F417C176A299F1CC9A163FC925C019

--authentication-type

Authentication method that the Spooler uses to authenticate users.

Possible values: DOMAIN_USERNAME, USERNAME_AND_PASSWORD, STORED_USERNAME

DOMAIN_USERNAME - The username of the user logged into the workstation is used.

USERNAME_AND_PASSWORD - The user will be prompted for a username and password.

STORED_USERNAME - A username will be retrieved from the configuration file.

no

NONE

STORED_USERNAME

--username

Store name of the user for STORED_USERNAME authentication method.

in "STORED_USERNAME" authentication method

NONE

John

--enable-dhcp-discovery

Enable DHCP-based discovery of Site Server host addresses.

no

DHCP-based discovery is disabled.


Installation steps for macOS workstations:

  1. Download the "YSoft SafeQ Client v3 macOS.dmg" disk image (you can find it in the product installation packages).

  2. Open the disk image – it will mount a new volume.

  3. Open terminal in the directory of the mounted volume - there are several ways to achieve it.

    1. Way 1

      1. Open disc image

        images/download/attachments/160475535/image2020-11-25_13-18-20.png
      2. Right-click on any file in the disk image.

      3. Expand the "Services" submenu.

      4. Choose "Open new terminal tab here" in any terminal.

    2. Way 2 - open Terminal and change the directory to the mounted volume – depending on the version of the client.

    1. cd "/Volumes/YSoft SafeQ Client v3.0"
    2. cd "/Volumes/untitled"
  4. Run the installation script in the current folder (for more installation options check the documentation)

    1. sudo ./install.rb --siteserver-hosts=[JOB SERVICE HOST]
  5. Verify that the client is running. You can verify it by the icon in the taskbar or in the Activity Monitor application.

images/download/attachments/160475535/Screenshot_2020-11-19_at_14.35.42.png
images/download/attachments/160475535/02_37_35.jpg

Example of script usage

Script has to be run using sudo as YSoft SafeQ Spooler does not run under user account but it runs under the system account.

sudo ./install.rb --siteserver-hosts=10.0.10.50,10.0.10.51

By default, the YSoft SafeQ Client v3 is installed with automatic restart. It will restart after 60s after a crash. If you want to change the value you can update the values in /Library/LaunchDaemons/com.ysoft.safeq.spooler.plist for YSoft SafeQ Spooler or in /Library/LaunchAgents/com.ysoft.safeq.client.plist for YSoft SafeQ Client v3 (desktop application). Either set KeepAlive parameter to false in order to disable this feature completely or change the ThrottleInterval which configures intervals between restarts. For additional details run

man launchd.plist

in Terminal on macOS.

Uninstallation instructions for macOS workstations:

The client application contains the uninstallation script uninstall.rb. The script is located in the installation folder of the client application.

Uninstallation instructions
cd /Library/Application\ Support/YSoft.Spooler
sudo ./uninstall.rb --force

Installation instructions for Windows workstations:

The client application package contains the installation script install.ps1. Two components will be installed: YSoft SafeQ Spooler service and YSoft SafeQ Client. The script has following arguments

Argument

Description

Required

Default value

Example

-InstallPath

The path where the YSoft SafeQ Spooler will be installed.

no

/Library/Application Support/YSoft.Spooler


-SiteServerSources

Sources from which the list of Site Servers should be loaded. Currently values "Local" and "JobService" are supported.

"Local" - client will include Site Servers from its local configuration file into its Site Server selection pool

"JobService" - client will include Site Servers from configuration provided by Job Service into its Site Server selection pool

no

no

local,jobservice

-EnableManualSiteServerSelection

User can manually choose the Site Server the client will connect to.

no

Manual site server selection by user is DISABLED.


-SiteServerHosts

Comma-separated list of IP addresses or hostnames of the server where YSoft SafeQ Job Service is installed. The spooler will connect to the first one and if it is not available it will randomly select from the rest.

yes

NONE

10.0.10.50,10.0.10.51

-SiteServerAliases

Comma-separated list of aliases of the Site Server hosts. They have to be in the same order as Site Server hosts.

no

NONE

eva,merlin

-JobServicePorts

Comma-separated list of ports where YSoft SafeQ Job Service listens. They have to be in the same order as Site Server hosts.

no

5000 (for all Site Servers)

5000,5000

-ServerSpoolerPorts

Comma-separated list of ports where YSoft SafeQ Spoolers in Server mode listen. They have to be in the same order as Site Server hosts.

no

5002

5002,5002

-IppPort

Port where the YSoft SafeQ Spooler will listen for print jobs sent through IPP.

no

5631

5631

-IppsPort

Port where the YSoft SafeQ Spooler will listen for print jobs sent through IPPS.

no

NONE

9000

-IppsCertificatePath

Path to the certificate that will be used to enable receiving print jobs through IPPS.

no

NONE


-IppsCertificatePassword

Password for the certificate that will be used to enable receiving print jobs through IPPS.

no

NONE


-LprPort

Port where the YSoft SafeQ Spooler will listen for print jobs sent through LPR.

no

5515

5515

-DisableCertificateValidation

Switch which disables YSoft SafeQ Client's validation of HTTPS certificates. Using this switch will severely decrease the security because the client will communicate with the server which does not have a valid certificate.

no

Certificate validation is enabled.


-SpoolerMode

The mode in which the spooler will be running. The possibilities are "Server" for server mode, "ClientSpooling" for client with spooling and "ClientNonSpooling" for client without spooling.

no

ClientSpooling

ClientSpooling

-HttpsCertificateStoreLocation

Store location of the certificate used for HTTPS in "Server" mode. The possibilities are "LocalMachine" and "CurrentUser".

in "Server" mode

NONE

LocalMachine

-HttpsCertificateStoreName

Store name of the certificate used for HTTPS in "Server" mode. The possibilities are "My" and "Root".

in "Server" mode

NONE

My

-HttpsCertificateThumbprint

Thumbprint of the certificate used for HTTPS in "Server" mode.

in "Server" mode

NONE

2E69C921F3F417C176A299F1CC9A163FC925C019

-AuthenticationType

Authentication method that the Spooler uses to authenticate users.

Possible values: DOMAIN_USERNAME, USERNAME_AND_PASSWORD, STORED_USERNAME

DOMAIN_USERNAME - The username of the user logged into the workstation is used.

USERNAME_AND_PASSWORD - The user will be prompted for a username and password.

STORED_USERNAME - A username will be retrieved from the configuration file.

no

NONE

STORED_USERNAME

-Username

Store name of the user for STORED_USERNAME authentication method.

in "STORED_USERNAME" authentication method

NONE

John

-EnableDhcpDiscovery

Enable DHCP-based discovery of Site Server host addresses.

no

DHCP-based discovery is disabled.



Example of script usage

Following is an example that will install the client with 2 Site Servers.

powershell -executionpolicy unrestricted .\install.ps1 -SiteServerHosts "10.0.10.50,10.0.10.51"

Uninstallation instructions for Windows workstations:

Uninstallation is available via Windows' Apps & features under the name YSoft SafeQ Client.

The application also contains an uninstallation script - uninstall.ps1. The script is located in the installation folder of the client application.

Uninstallation instructions
cd C:\SafeQ6\Spooler\
powershell -executionpolicy unrestricted .\uninstall.ps1 -Force