HaloCAD for Autodesk Vault
HaloCAD for Autodesk Vault
Breadcrumbs

Installing the HaloCAD for Autodesk Vault

This chapter explains the requirements, prerequisites, and how to install HaloCAD for Autodesk Vault.

System Requirements

The following system requirements table specifies the minimum and recommended technical specifications, such as software and network resources, necessary to run the product.

Components

Details

Supported Windows Server

Windows Server 2022 and above with updates installed.

Supported file types

  1. AutoCAD file types

  2. Inventor file types

  3. PDF

  4. MS Office native file types

Office 365 Subscription

  1. Fully configured Microsoft Purview Information Protection.

  2. An Azure subscription is required to use Azure RMS and the MPIP functionality.

  3. A working Microsoft Entra ID service must be available.

  4. Transport Layer Security (TLS) 1.2 or higher must be enabled to ensure the use of cryptographically secure protocols at all client workstations.

  5. To avail the revoke access feature, the user should be assigned to the Microsoft Purview Information Protection Premium P1/P2 license. (Not required for reader add-on)

  6. Audit logging: Your Azure subscription must include Log Analytics on the same tenant as Microsoft Entra ID.

  7. Register an application to get the Application (client) ID and Tenant ID in the Azure portal. Select the option Web during application registration.

Refer to the Technical Reference Manual for details on TLS 1.2 and application registration.

Others

Install HaloENGINE and HaloCAD for PLM separately on Windows servers.

Requirements

Prerequisites

The following preparatory steps or conditions must be met before installing the product.

  1. Make sure you have administrative access before performing most of the system and dataset tasks.

  2. Make sure the client computer running the HaloCAD Add-on for AutoCAD/Inventor can connect to the Autodesk Vault Server.

  3. Make sure your HaloENGINE complies with the requirements listed below:

    1. License file (enabled with AUTODESK_VAULT system type).

    2. Proper action rules

    3. Client certificate (.JKS)

  4. Make sure to have a user account with document-consuming rights in the Vault Server.

    1. You can add an existing user account to a specific Autodesk Vault.

    2. Or create a new user account and add it to the specific Autodesk Vault by logging in Autodesk Vault > ToolsAdministrationGlobal SettingsSecurity > Users > in the User Management window, click New User (enter required details), and click on the Vaults button to select all the Vaults listed.

  5. If you want to implement a failover mechanism in HaloENGINE, please refer to the section “ Failover Mechanism for HaloENGINE in HaloCAD for PLM ”.

  6. Ensure that both HaloCAD for Autodesk Vault and HaloENGINE are installed using the same Azure tenant details. A mismatch in the tenant details will result in configuration errors.

  7. Ensure that the previously installed HaloENGINE Service is completely uninstalled.

Conditions for Running the HaloENGINE Tomcat Service

Before you begin, make sure that the following prerequisites are met in your system:

Deny log on as a service policy

If the service is running under a specific user or a specific group, ensure that the user is not restricted by the Deny log on as a service policy (Local Security Policy > Security Settings > Local Policies > User Rights Assignment). If the user(s) exist, the “Error 1069: The Service did not start due to a logon failure” message appears while running the HaloENGINE Tomcat service.

Allow non-admin users to access a private key (without full admin rights)

During installation, the HaloENGINE gets the required Azure tenant details and certificate thumbprint. When the HaloENGINE Tomcat service starts, it tries to connect to the MPIP services using the details entered during installation. As part of this process, it validates the certificate thumbprint against the certificate installed in the Local Computer certificate store. The thumbprint entered in the installation wizard must match the one available in the Local Computer certificate store.

If the service runs under a non-administrative user account, the user may not have sufficient permissions to access the certificate’s private keys when the certificate is installed in the Local Computer store. This restriction prevents successful authentication with MPIP services. To resolve this issue, grant the user Read permission to access the certificate’s private key by following the steps listed below.

Any errors encountered during this process are recorded in the log file. If the verification succeeds, the service proceeds with initialization.

Prerequisites

  1. The required certificates (machine certificate, root CA, and intermediate CA) are already installed.

  2. The private key is stored in the Windows Certificate Store under Local Computer.

  3. You have administrative rights to perform the setup.

Follow the procedure below to grant read access:

  1. Open Certificate Manager as Administrator.

  2. Press Win + R, type mmc, and press Enter.

  3. In the console, go to File and select Add/Remove Snap-in.

  4. Select Certificates from the list and click Add.

  5. Choose the Computer account, then click Next, followed by Finish, and then OK.

  6. In the left panel, expand Certificates (Local Computer), expand Personal, and select Certificates.

  7. Identify the certificate that contains the private key.

  8. Right-click the certificate, select All Tasks, and then select Manage Private Keys.

  9. In the Permissions window, click Add and enter the non-admin username (for example, TESTIL) and click OK.

  10. Select the Read permission, click Apply, and then click OK.

    Non Admin User.png

    Granting private key access to a non-admin user

Installation Modes

You can install the HaloCAD component in the following modes:

  1. Graphical Mode
    Graphical mode installation is an interactive, graphical user interface-based method that is driven by a wizard.

  2. Silent Mode
    Silent-mode installation is a non-interactive method of installing the HaloCAD component using command lines.

Prerequisites

Before installing HaloCAD, ensure that the following requirements are met:

  1. Azure application registration details: Please refer to the Technical Reference Manual.

  2. The certificate required for MPIP authentication must be installed in the Local Computer certificate store, along with the Root CA and Intermediate CA certificates.

    • If the certificate is CA-signed, install all related certificates in their respective stores (Root, Intermediate, and Personal).

    • If the certificate is self-signed, install it in both the Trusted Root Certification Authorities and Personal stores of the Local Computer.

  3. Administrator rights: The user performing the HaloCAD installation must have administrator privileges.

Graphical Mode

Install the HaloCAD component using the GUI-based setup program that is provided in the installation package.

  1. To begin the interactive installation, double-click the installer HaloCAD_Autodesk_Vault_Setup.exe file. 

  2. Depending on your Windows security settings, you may get a warning such as "Do you want to allow the following program to make changes to this computer?". If you get this security warning, click the Yes button to continue the installation.

  3. When the installer starts, the Startup dialog appears, followed by the Welcome dialog.

    Startup dialog.png

    Startup Dialog

    1 Welcome Dialog Vault.png

    Welcome Dialog

  4. Click Next to continue the installation.

  5. The End-User License Agreement (EULA) dialog appears.

    2_End-user License Agreement Dialog.png

    End-User License Agreement Dialog

  6. Read the End-User License Agreement. If you agree, select I accept the terms in the License Agreement, and click Next to continue.

  7. The Tomcat memory pool size configuration dialog appears.

    3_Tomcat pool size configuration dialog.png

    Tomcat pool size configuration dialog

  8. Enter the amount of memory you want to allocate to change the Initial Memory Pool and Total Memory Pool preset values. Note: Ensure that the Total Memory Pool does not exceed the System's available 3/4th RAM. The default Tomcat port is 8383. You can, however, change the port number; it must be greater than 999 and less than or equal to 65535.

  9. Click Next. The destination folder selection dialog will appear:

    4_Destination Directory.png

    Destination folder selection dialog

  10. By default, application files are stored in the program files directory (C:\Program Files\Secude\). If you would like to choose an alternate location, click the Browse button and select your location preference. To return to any point in the installation process, click the Back button (optional).

  11. Click Next to allow the Setup program to install the HaloCAD component.

  12. The certificate-based authentication dialog appears. To avoid errors, please ensure that you enter the correct Azure application registration details in the installation wizard. 

    5_Certificate-based authentication dialog.png

    Certificate-based authentication dialog

    1. Application ID: Enter the unique identifier of your registered application. For example, 9f0de2dd-8d49-4a3f-9676-bf4b6ff17d44

    2. Tenant ID/Tenant Name: Enter your Microsoft Entra tenant name (for example, contoso.onmicrosoft.com) or its tenant ID (for example, 8c425ee7-352a-4657-ac77-7dc198712cb3)

    3. Thumbprint: Enter the thumbprint of the MPIP authentication certificate installed in the Local Computer certificate store.

    4. Cloud Type: By default, Commercial will be set. However, based on your Azure subscription and configuration, you can change the cloud type from the list — Commercial / Custom / Germany / US_DoD / US_GCC / US_GCC_High / US_Sec / US_Nat / China_01. In the case of Custom cloud type, you need to enter the appropriate URLs in Protection Cloud URL (for example, https://api.aadrm.com) and Policy Cloud URL (for example, https://dataservice.protection.outlook.com).

    5. Click Next.

  13. The installation begins, and the progress is displayed in the dialog.

    6_Installation progress dialog.png

    Installation progress dialog

  14. When the installation is complete, a message appears confirming that the HaloCAD component has been successfully installed.

    7_Installation completed dialog.png

    Installation completed dialog

  15. On the setup wizard, you can see the Installation Summary option. To view the summary, select the Installation Summary check box. The installation details will be summarized in the right side pane.

    8_Summary with preinstalled HaloENGINE dialog.png

    Summary with preinstalled HaloENGINE dialog

  16. Click Close to close the installation wizard.

Silent Mode

Besides graphical mode, the HaloCAD component can be installed in silent mode, which does not require user involvement or display a user interface. It is a convenient way to streamline the installation process using commands at once.

  1. Open the Command Prompt with elevated rights (Run as Administrator).

  2. Navigate to the directory of the HaloCAD component installer.

  3. To know the list of options available in silent mode, follow the steps given below:
    Type HaloCAD_Autodesk_Vault_Setup.exe -help
    Press Enter
    Output
    ...
    HaloCAD_Autodesk_Vault_Setup.exe -help
    HaloCAD_Autodesk_Vault_Setup.exe -install -initmempool <Initial memory pool size in MB(s). Minimum size is 128 MB> -totalmempool <Total memory pool size in MB(s). Maximum size is 3/4 of total RAM size.> -dir <destination_directory> -port <range_1_to_65535> -applicationid <application_id> -tenantid <tenant_id> -thumbprint <thumb_print> -cloudtype <(Commercial|Custom|Germany|US_DoD|US_GCC|US_GCC_HIGH|US_Sec|US_Nat|China_01)> (if cloudtype is Custom) <protectioncloudurl> <policycloudurl>
    HaloCAD_Autodesk_Vault_Setup.exe -uninstall

  4. The following command shows how to install and initialize HaloCAD.

    HaloCAD_Autodesk_Vault_Setup.exe -install -initmempool 1024 -totalmempool 2048 -dir "C:\Program Files\Secude" -applicationid 9f0de2dd-8d49-4a3f-9676-bf4b6ff17d44 -tenantid 8c425ee7-352a-4657-ac77-7dc198712cb3 -thumbprint 961602617275c2ab538cf28bb3648c0c6d97edab -cloudtype Custom https://api.aadrm.com https://dataservice.protection.outlook.com

  5. Press Enter.

  6. The installation is complete.