System Requirements

Upgrade Notes

• Issuetrak is not supported on in-place OS upgrades of any kind.
• Issuetrak requires that your current instance is on version 10.3.7 or higher before proceeding. If your environment is currently running an earlier version, please contact Issuetrak Support for assistance.

• Processor – Dual Core 1.8 GHz Processor
• Memory – 4 GB available RAM
• Disk Space – 4 GB available hard disk space
• Operating System – Windows Server 2019, 2022, or 2025 (32/64-bit; Standard, Datacenter)
• IIS Version and Server Roles – Microsoft Internet Information Services (IIS) 7.5, 8.0, 8.5, or 10.0
  • Web Server (IIS) installed as a Role in Windows Server Manager with the following Role Services installed:
    • Common HTTP Features: Static Content
    • Application Development: ASP, ASP.NET 4.5 or higher, and ISAPI Extensions
    • Security: Request Filtering
    • Performance: Static Content Compression
  • If deploying API v2:
    • API v2 needs to be in its own IIS Application Pool, which must be set to "No Managed Code"
• Additional Settings:
  • .NET 10 Hosting Bundle - which can be obtained here.
    • This must be installed after IIS. If it is installed before IIS, then deployments will fail.
  • Microsoft OLE DB Driver 18 for SQL Server
    • MS OLE DB Driver 19 for SQL Server is also supported, so long as your environment is already configured to use it.
  • Microsoft .NET Framework 4.7.2 or greater
  • PowerShell 5.0 or greater
  • Issuetrak requires that its classic and MVC application pools are running .NET Framework v4.0.
  • Issuetrak recommends securing each installation with SSL.
  • IIS must have the URL Rewrite Module installed.
  • IIS must have the HTTP Module installed.
  • Soft requirement: IIS must have the Dynamic IP Security Module installed if using the Rate Limiting functionality.
  • Soft requirement: IIS needs to have the HTTP Redirection module installed in order to allow the deployment tools to redirect web requests to a user-friendly "Please wait while your site is being upgraded" screen.

Upgrade Notes

• Issuetrak is not supported on in-place OS upgrades of any kind.
• Issuetrak is not supported on SQL Server in-place upgrades.
• Issuetrak requires that your current instance is on version 10.3.7 or higher before proceeding. If your environment is currently running an earlier version, please contact Issuetrak Support for assistance.

• Processor – Dual Core 1.8 GHz Processor
• Memory – 4 GB available RAM
• Disk Space – 4 GB available hard disk space
• Operating System – Windows Server 2019, 2022, or 2025 (32/64-bit; Standard, Datacenter)
• Applications and Settings – Microsoft SQL Server 2017, 2019, or 2022 (32/64-bit; Express, Standard, Web, Enterprise or Business Intelligence Edition)
  • Full-Text Search feature must be installed
  • SQL_Latin1_General_CP1_CI_AS collation enabled
  • SQL Server and Windows Authentication mode enabled
  • TCP/IP or Named Pipes protocol enabled in SQL Server
    • Named Pipes do not support encryption
  • Database compatibility level for any given Issuetrak database to be upgraded must be set to a minimum level of 130
• Additional Requirements:
  • Microsoft .NET Framework 4.7.2 or greater
  • Region and Language Settings should have the current locale set to “English (United States)”

Incoming Email

• Applications – POP3, Secure POP3, IMAP, or Microsoft Exchange 2013 or newer

Outgoing Email / Notifications

• Applications – SMTP-based outgoing email server

DPAPI Encryption

• Microsoft .NET Framework 4.7.2 or greater

Lightweight Directory Access Protocol (LDAP)

• AD-based Public Key Infrastructure (PKI), if enabling CAC/Smart Card Authentication
• Microsoft Cryptographic API-compatible revocation provider on web server, if enabling Smart Card Authentication

• AD Single Sign-On requires:
  • Windows Authentication Role Services enabled in the Web Server (IIS) Role
  • Integrated Windows Authentication enabled within IIS

• AD SSL Encryption requires an LDAPS certificate to be installed on the Domain Controller
• For Cloud customers: AD SSL encryption also requires that your Domain Controller supports TLS 1.2.

Active Directory Federation Services (AD FS)

• AD FS 2016 or higher - See Microsoft's article for AD FS server requirements.
  • OpenID Connect / OAuth connections via Application Groups
• Multifactor authentication (MFA) requires at least one other authentication method, and is dependent entirely on the implementation of AD FS in your environment. See this article for more details.

Asset Management

• Remote Asset Auditing
  • The machine TrakAsset is executed from must have WinRM installed
  • The machine TrakAsset is executed from must have Active Directory Module for Windows PowerShell installed
  • The machine TrakAsset is executed from must allow ICMP in order for its connection test function
  • Both the local machine and the remote machine must be on the same domain
  • The account that executes TrakAsset must be a domain administrator and must not have a blank password
• TrakMac on Macs with M1 or newer processor
  • The Mac must have Rosetta installed in order for the software to function

Windows Integrated Security

• The Integrated Security user that you designate needs to be a Domain-authenticated service account with:
  • "Access this computer from the network" rights for BOTH Web and SQL servers
  • "Log on as a service" rights on the SQL server
  • "Log on as a batch job" on the Web server

Web Browser

• Firefox, Chrome, Microsoft Edge Chromium

SSL Configuration

Implementing this recommendation will require the installation of an SSL certificate on the hosting web server. There are two typical scenarios for installing an SSL certificate within IIS. The first scenario involves creating a self-hosted certificate, a certificate type that is submitted to a Certificate Authority (CA) that is a server under the control of the hosting organization. The second scenario involves requesting a third-party certificate, a certificate issued by an external CA. Examples of certificate vendors that issue third-party certificates include (but are not limited to):

• VeriSign (https://www.verisign.com)
• GeoTrust (https://www.geotrust.com)
• Thawte (https://www.thawte.com)

The following Microsoft knowledge base articles provide step-by-step instructions for requesting a certificate, installing the certificate within IIS, and setting the HTTPS binding for a site so that only SSL connections are permitted.

• “How to Set Up SSL on IIS 7”: Provides steps for configuring SSL for IIS 7.0 and above.
• “Configuring SSL in IIS Manager”: Provides a video on enabling SSL security with self-signed certificates for IIS 7.0 and above.
• “IIS 8 – Certificate Management and Deployment”: Provides a video overview of certificate management within IIS 8.

In addition, if the API is deployed, then the application pool identity that is assigned to the Issuetrak API application pool must have read and write permissions on the folder used to store Issuetrak attachments. The following Microsoft IIS article provides detailed information on not only configuring IIS Application Pool Identities but also configuring the security for resources such as files and folders.

Application Pool Identities

Additional Notes

• Your Issuetrak database and web server can reside on the same or separate machines, dedicated or shared machines, or physical or virtual machines that meet the minimum requirements.
• Issuetrak cannot reside on the same server as Microsoft Exchange, SharePoint, or Windows Server Update Services (WSUS).
• We recommend additional processing power, RAM, and disk space for optimal performance and long-term scalability. When using a shared machine, we also recommend keeping the overall size and number of applications running on that machine to a minimum.
• Issuetrak cannot reside on Windows Server Essentials, Windows Nano Server, Server Core, or a Domain Controller.
• Safari is not a supported browser for use with Issuetrak.
• FIPS (Federal Information Processing Standards) is supported.
• As of December 31, 2020, all versions of Microsoft Internet Explorer are no longer supported and may result in unexpected behavior with Issuetrak.
• Please note that certain IIS modules such as URLScan may interfere with HTTP request distribution to the API site endpoints. In particular, any modules that restrict or deny requests with the HTTP verbs GET, POST, PUT, and DELETE must be reconfigured to permit access for HTTP requests using those HTTP verbs for the API site.

The requirements and peculiarities specific to deploying Issuetrak in an Azure hosting environment are provided here. Please note that these requirements are in addition to the requirements listed in the other tabs of this article. 

User-Assigned Managed Identity (UAMI)

Issuetrak supports both System-managed identities and User-Assigned Managed Identities in an Azure environment. However, only UAMIs are supported in conjunction with an Azure high availability environment. Managed Identities eliminate the need for developers to manage credentials (user secrets or secret keys) in their application code. This significantly improves the security posture of the application by leveraging the identity of the Azure service itself. To use a UAMI with Issuetrak, the following requirements need to be met:

• Managed Identity must have ‘Directory Reader’ role permissions in the tenant
• Managed Identity must be associated with both the web server VM and the SQL managed instance in the Azure portal
• Issuetrak application requires the Managed Identity name, the Client ID, and the Object ID from the Azure portal

Web Server Virtual Machine

The VM size and family that is selected for use as a web server must meet Issuetrak's web server requirements.

Shared Storage

Azure offers shared storage options consisting of Azure File Share and Azure File Sync. Only Azure File Share is currently supported.

Azure File Share

Azure File Share provides fully managed file storage that can be accessed via the industry standard Server Message Block (SMB) protocol. By using Azure File Share, Issuetrak can directly utilize scalable and highly available cloud storage. If your environment uses an Azure User-Assigned Managed Identity with Azure File Share, see Microsoft's documentation here.

Issuetrak has the following specific requirements to use Azure File Share on a web server:

• IIS must be configured with:
  • Issuetrak's Application pool identity set to ‘Network Service'
  • Anonymous Authentication must be enabled for the website, Core application, API v1 application, and API v2 application, and it must be set to ‘App Pool Identity' 
• PowerShell Module
  • Azure Files SMB Managed Identity Client module must be installed

Azure File Sync

Issuetrak has confirmed that Azure File Sync will work with the application, but has not fully tested this as a shared storage solution. Azure File Sync is currently unsupported.

Overview

Issuetrak 17.6 introduced support for high availability (HA) environments. This page provides the requirements for deploying Issuetrak in an HA environment. Please note that these requirements are in addition to the other requirements listed on the other tabs.

Steps that are specific to deploying Issuetrak in an HA environment can be found here. 

The Issuetrak application requires 4 elements to ensure functionality and reliability. Each of these should be considered a single point of failure, and needs to be accounted for to ensure the availability and operations of the service.

Web Servers

Web servers are the service endpoint that users will interface with via their web browsers when interacting with the product. 

To achieve high availability (HA), you’ll need the following:

• A load balancer that supports persistent or sticky sessions, also known as "session affinity”
• Shared storage (see further down)

As long as the requirements are met, you can scale out to as many nodes your system can support. N+1 or more. 

Services

The product relies on services and scheduled tasks for core functionality. Without these services and tasks, the application is still accessible via a web browser but expected Issuetrak functionality will no longer process. More information on their configuration can be found here.

The services and scheduled tasks are installed with the product on the webservers, but not all web servers need to have the services and scheduled tasks installed. Due to the nature of the services and scheduled tasks, we STRONGLY recommend having a single node handling the execution with a second or more as standbys ready to assume the role if anything happens to your primary node.

Issuetrak has developed a script, called the Issuetrak Provisioning Tool (IPT), that facilitates failover and ensures single node operations for the services and scheduled tasks. The IPT should be installed on each web server that is potentially running Issuetrak services and scheduled tasks. It creates a scheduled task that runs every minute and calls a PowerShell script to monitor the status of the Issuetrak Outgoing Email Service and then reads/writes a JSON file located on the shared storage location. The failover time is configurable during install of the IPT.

Shared Storage

The services, scheduled tasks, and web servers will need access to the same files and folders for their operations. 

For Issuetrak to use a shared storage source, you’ll need the following:

• Windows servers need the ability to read and write to the path
• Ability to write file level permissions

Alternatively, you can build a file synchronization process for the user specific folders that need to be replicated among web servers. The Issuetrak Provisioning Tool handles the copy/creation of the folder/files to the shared storage location and maintains the permissions set by the initial Issuetrak install.

SQL Server

Issuetrak can only connect to a single SQL endpoint. To implement HA with SQL, you’ll need to build out a Microsoft HA/DR solution. We strongly recommend that your SQL environment is configured and ready for HA prior to installing Issuetrak.

Key considerations:

• Issuetrak locks in its SQL configuration during installation to its single SQL endpoint. If the endpoint/name changes during an DR operation, you’ll need to rerun an upgrade of Issuetrak with a modified JSON to re-establish the connection.
• Confirm that your current or future environment meets Issuetrak's SQL requirements.

Network Considerations

Dependencies

Before deploying Issuetrak, ensure you have these components in place.