The core Clarity LIMS product includes the rename_claritylims_hostname.sh script, which allows you to change the hostname to which Clarity LIMS responds.

Prerequisites & considerations

Prerequisites

• Clarity LIMS must be fully installed and configured. If it is not, the script instructs you to complete the installation.

• The script stops all Clarity LIMS services. Make sure that all automation jobs are complete.

• If you are not using a wild card SSL Certificate, purchase a certificate for the new hostname.

Considerations

• The script does not update the Automation Worker installation. After you have completed the renaming steps, you must reconfigure all local and remote Automation Workers.

• You might need to reconfigure additional services, such as the Reporting and Sequencing services.

Settings changed

The following table lists the settings changed by the rename_claritylims_hostname.sh script.

*The ftp.host is only updated if it matches the previous IP address/hostname. This intended behavior accounts for the scenario in which the ftp host is on a different server.

Changing the LIMS hostname

Pre-script steps

1. Change the internal hostname

   Before running the rename_claritylims_hostname.sh script, change the internal hostname for the instance - that is, /etc/hosts and related areas. There is no need to change any other LIMS-related components.

   The new internal hostname will be used in the renaming process.

   • To verify the internal hostname, use the following command:

Running the script

1. Use the following command to change to the root user:

2. Navigate to the /opt/gls/clarity/config directory.

3. Run the rename_claritylims_hostname.sh script:bash rename_claritylims_hostname.sh

This document provides the steps required to install a new Clarity LIMS v6.3 instance to Oracle Linux/RedHat Enterprise Linux v8.10.

The installation procedure includes adding the Clarity LIMS repository, installing the Clarity LIMS RPM through yum commands, and configuring the installation through a series of configuration scripts.

Prerequisites

• Your system meets the requirements listed in .

• You have installed and configured the required components. For more information, see .

• You have a database user and two empty schemas on your database server. The schemas are populated during configuration.

• You have received the appropriate repository files from the Clarity LIMS Support team.

• All standard OS security updates have been applied.

• All instances of Clarity LIMS must have a purchased SSL/TLS certificate installed. Purchase the certificate before installation or upgrade. For instructions on installing purchased SSL/TLS certificates, see .

With the Oracle Linux/RedHat Enterprise Linux server, the following error messages can display when you perform the yum commands used to install Clarity LIMS:

These messages do not affect the installation of Clarity LIMS. You can resolve these error messages by running the following command:

Step 1: Add the Clarity LIMS Repository

1. Using scp/sftp, WinSCP, FileZilla, PSCP, or similar, copy the repository to the following location: /etc/yum.repos.d.

2. Test the repo file with this command:

Step 2: Install Clarity LIMS

1. Run the install command:

2. Type y to download and install the Clarity LIMS RPM core components.

   NOTE: The installation of Clarity LIMS creates 3 operating system users:

Step 3: Run Configuration Scripts

1. As the glsjboss user, change directory to /opt/gls/clarity/config/pending with the following command:

2. Run the first script listed sequentially in the directory listing with the following bash command:

   This script configures the Secret Utility password management tool so that secrets and passwords are accessible. It is recommended that you store application secrets in vault. If that is not possible, the configuration script supports file-based storage. For more information about the prompts, see .

Step 4: Install Lablink

LabLink v2.5 is compatible with Clarity LIMS v6.3.

Before installing LabLink v2.5, make sure that a database named LabLink is created with the same database user as the Clarity LIMS database.

1. Stop all Clarity LIMS services using the following command:

2. Install the LabLink RPM with the following yum command. Make sure that you have the correct repo enabled:

3. As the glsjboss user, run the pending initialization script using the following command:

Step 5: Start the System

Clarity LIMS includes the run_clarity.sh script. This script starts (or stops) all Clarity LIMS services (Elasticsearch, RabbitMQ, Search Indexing, Tomcat, httpd/Apache proxy, Automation Worker) in the required order, with one command.

Run the following script as the root user:

If an error occurs starting any service, subsequent services will not be started. Stop all services before trying to start them again.

Start the system as follows.

1. Switch to the root user.

2. Make sure that no Clarity LIMS services are running.

3. Run the script with the following start command:

If any services are running, the script exits and provides a list of services to stop. In this scenario, complete the following steps:

1. Use the script with stop command to stop services.

2. Open a supported browser window and make sure that you can access the Clarity LIMS client at the following URL: https://<your-Clarity-FQDN>/

As of Clarity LIMS v5.4, the method used for managing passwords (secrets) for Clarity LIMS integration modules has changed.

The following diagram shows the installation steps required for installing Secret Utility and integration packages with Clarity LIMS v5.4 and later.

Two levels of user passwords are created in the Clarity LIMS system: one at the operating system level and one at the Clarity LIMS level.

Following are details on the user passwords, instructions for changing them, and instructions for updating Clarity LIMS with the new database connection details.

Update Operating System User Passwords

The user passwords created at the operating system level are for the glsai, glsjboss, and glsftp users.

• glsai and glsjboss users:

  • These users have no configuration associated with them.

  • You may change their passwords at any time.

To change the glsftp password after installing Clarity LIMS, using SecretUtil:

1. Change the glsftp user's password on the server.

2. Log in to the server as the root user.

3. Stop Clarity LIMS using the following command:

Update Clarity LIMS User Passwords

The user passwords created at the Clarity LIMS level are for the admin, facility, and apiuser users.

• admin and facility users:

  • These users have no configuration associated with them.

  • You may change their passwords at any time.

To change the apiuser password after installing Clarity LIMS:

1. Check for any remote Automation Workers, and take note of their locations in your network. You will need to restart these after changing the password.

2. Log in to the server as the root user.

3. Stop Clarity LIMS using the following command:

Update Database Connection Details

In some circumstances (such as security breaches/compromises), the database connection details (eg, database password) are updated, which prevents Clarity LIMS from connecting to the database. You can correct this issue by updating Clarity LIMS with the new database connection details as follows.

1. Check for any remote Automation Workers.

2. Update the existing tenant with the new details.

3. Restart any Automation Workers.

To update database connection details:

1. Check for any remote Automation Workers, and take note of their locations in your network.

2. Log in to the server as the root user.

3. Stop Clarity LIMS using the following command:

Secret Utility (secretutil) is a password management tool used to store, manage, and retrieve passwords. Secret Utility returns the passwords in plain text.

The following sections describe the configuration of Secret Utility, which is installed as part of the Clarity LIMS-SecretUtil RPM.

Installing Integration Packages on Clarity LIMS

You may refer to the integration package installation guide for more information on installing/configuring the integration package.

Configuration Script

If Secret Utility has not been configured, the 05_configure_claritylims_secretutil.sh script is created in the /opt/gls/clarity/config/pending folder.

To reconfigure Secret Utility:

1. Remove the hidden file /opt/gls/clarity/tools/secretutil/.configured

2. Run the Secret Utility configuration script as follows: /opt/gls/clarity/config/configure_claritylims_secretutil.sh

The following table describes the entries prompted by the configure_claritylims_secretutil.sh script.

Configuration Script Entries

Managing the passwords (Vault Mode)

If Secret Utility is configured as Vault Mode, the passwords are stored and retrieved from Vault Enterprise.

• To use Secret Utility and perform the following steps, you must first remote into the instance before performing any of the following steps.

• To use the Vault user interface (UI) and perform the following steps, you must have the appropriate role and access control list (ACL) policies.

Managing the Passwords (File Mode)

If Secret Utility is configured as File mode, the passwords are encrypted and stored in /opt/gls/clarity/tools/secretutil/conf/secrets.properties. Encryption is based on the CLARITYSECRET_ENCRYPTION_KEY environment variable.

To manage the passwords and perform the following steps, you must first remote into the instance.