USB over IP for a Sentinel hardware key

Moltuae

Moltuae

Rest In Peace
Reaction score
3,669
Location
Lancs, UK
Just looking for recommendations from anyone who has already tried this.

I've used a few different hardware and software solutions in the past to connect to USB devices over the LAN but not yet with a Sentinel software licence 'dongle'.


The specific requirement is for Exact Dental from Software of Excellence (can't believe they're still using old-school hardware keys!) who have recently installed their software for one of my customers. This is a domain environment with a virtual server (2012 R2). Without consulting me first, SoE decided to install the 'dongle' onto one of the workstations (which, as you can probably imagine, ain't the best of configurations), so I need to move it to the virtual server. As far as I'm aware, there's no simple Hyper-V USB pass-through solutions, so I'm looking for a reliable USB over IP solution instead.

Thanks in advance.
 
I was just pondering software emulation of the hardware key as another alternative ...

Probably won't go down this route, even though it would be nice to have a 'backup' of the hardware key, since emulation almost certainly won't be supported by the software vendor. Plus, circumventing their archaic software protection might upset them a little.

Has anyone tried this route though I wonder?

Found this place: http://www.dongleservice.com/dongle-emulator.phtml

Naturally I had my concerns regarding the trustworthiness of such a service, until I noticed this:

Q0GskSQ.png


But now I KNOW they are trustworthy. They must be; it says so right there! :D
 
We've got a few dentists using Examine Pro for their X-rays, and they have the dongle plugged into the X-ray PC.
Why does it need to be on the server?
The X-ray PC is on all day so the other workstations can pick up the license from the dongle over the network.
 
cyabro said:
We've got a few dentists using Examine Pro for their X-rays, and they have the dongle plugged into the X-ray PC.
Why does it need to be on the server?
The X-ray PC is on all day so the other workstations can pick up the license from the dongle over the network.
Click to expand...
Mainly for reliability and security reasons.

They had a similar setup previously: Various non-domain PCs, some delegated as 'servers' for important file shares, patient data, X-ray data, etc, etc. It was a disorganised mess. If one of the 'server' PCs failed, crashed or was simply inadvertently switched off or rebooted by a member of staff, there was lots of disruption and sometimes data loss. That sort of workstation reliance is precisely what I'm trying to stay away from.

Everything has been replaced recently ... Proper rack servers, locked away in a dedicated server room. AD with folder redirection, none of the workstations store any data, applications run directly on the server (via RemoteApps), where possible, with GPOs automating the setup of new/replacement workstations. Users can perform most tasks from any workstation they're logged into without having to sit at a specific PC and a failed workstation can be swapped out with a new workstation with an automated setup that takes just a few minutes. And the servers are all virtual to provide scalability and allow for quick migration to new hardware in the event of failure.

If we were to choose a workstation to install the USB hardware key based on X-ray imaging, it would be one of the reception workstations, since that's where the X-ray scanner lives. It's also the most publically accessible and busiest area, making it a vulnerable area for the workstations and increasing the likelihood that the hardware key will become damaged, lost or stolen. I don't know what SoE charge to replace a hardware key but I suspect it won't be cheap, so I'd rather have it locked away in the server room. SoE actually installed the hardware key on one of the surgery workstations (without consulting me or informing anybody at the practice) which is how the issue surfaced. Oblivious to the fact, the users would reboot or switch off that workstation. More recently, the Sentinel service failed/stopped and couldn't be restarted without giving the user admin privileges.
 
Ugh, niche market developers tend to be the worst for solutions that don't fit well in a good IT setup. The light at the end of the tunnel is that Server 2016 has "Discrete Device Assignment" which I believe is pretty much the same as device pass through. So maybe you could install the free Hyper-V 2016 with Server 2012 R2 as your guest? I'm not sure whether or not that works with "Discrete Device Assignment." However, the with the labour involved with resetting it up, and with anticipating something being a PITA to get working right, you're probably better off with one of the IP boxes. Might be worth playing around with in a lab though.
 
Thanks for the suggestions guys. Much appreciated :) I'll look into those.

I didn't know about Discrete Device Assignment @trevm999, thanks. Probably a bit too far down the road with this particular installation now, plus I haven't touched a single Server 2016 installation yet, but that's good to know for future installations. Looks like I need to find some time to have a play with 2016 soon and get familiar with it!

I'm thinking a hardware solution might be best for reliability, plus I'd prefer to avoid installing software on the Hypervisor if possible. @YeOldeStonecat Do you know if those Digi units play well with hardware keys? And presumably each model uses the same tech, so the cheaper 2 way unit would be as good as any?
 
Moltuae said:
I'm thinking a hardware solution might be best for reliability, plus I'd prefer to avoid installing software on the Hypervisor if possible. @YeOldeStonecat Do you know if those Digi units play well with hardware keys? And presumably each model uses the same tech, so the cheaper 2 way unit would be as good as any?
Click to expand...

I used it at clients that ran a Canon electronic filing cabinet program, ran on a SQL server. Used a Sentinal USB key on the server to allow the Canon gateway services to run.
We moved some clients to virtualization, and tried a few software solutions which did not work, eventually taking this hardware approach, worked great.
There is of course a client software component which you install on the guest server instance that proxies the virtual USB port to IP...and then talks directly to the USB==>IP Hub.
 
Just to update this ...

I decided to go with the Digi AnywhereUSB device in the end (thanks again for that suggestion @YeOldeStonecat ). Took a bit of getting working, and some assistance from Digi Support (who were very helpful). Had a few issues initially and, due to a very limited time-window (the dental practice's one-hour lunch break), the first site visit resulted in mission-aborted. It wasn't an urgent job so I decided to gather more info and wait until my next site visit to re-attempt the 'dongle' manoeuvrer. That re-attempt happened this morning (when I got called-out to replace a dead monitor) and I'm pleased to report that the mission was successful. :)

For future reference, the device was a SafeNet USB SuperPro/UltraPro hardware key which, in this case, is used by the EXACT Dental software (specifically ExaminePro digital imaging). Installation was on a domain member server (2012 R2) that was also an RD Session host (ie running Terminal Services).

This was the advice Digi provided:
http://knowledge.digi.com/articles/...ywhereUSB-cannot-be-found-by-related-software

And other thing to watch out for when checking the hardware key with SafeNet's 'SAM' is, if you're running TS, be sure to select 'Enable Terminal Services', otherwise the test fails (as per image below):

qZch6S7.png
 
Cool!
The setup I first used it for, we had migrated a clients servers (SBS2003 and Server 2003) to a 2k8r2 Hyper-V host years ago. Back then they were running that Canon electronic filing cabinet software...had the USB license dongle. Had to use this to satisfy the USB license key for the guest instance.
 
I do not know how it will turn out in practice personally with you, but in our office, we use USB network Gate to connect the USB to the network with an external venter with data for each user.
I also found a Share USB Dongle over Network on their website.
If possible, you can easily try this software.
I’m saying I can recommend it in my practice, but I’ll warn you that it is commercial.
 
Last edited:
You must log in or register to reply here.

Similar threads

timeshifter
UniFi switch and FortiGate firewall - can't ping past switch for some users
2
Replies
24
Views
3K
YeOldeStonecat
YeOldeStonecat
timeshifter
Serial connection over network or just use long cable
Replies
11
Views
2K
timeshifter
timeshifter
thecomputerguy
Am I making a big mistake migrating this client to SP/Teams?
2
Replies
26
Views
5K
Sky-Knight
Sky-Knight
urcomputech
[REQUEST] Recommendation for web based presentation platform
Replies
7
Views
1K
Sky-Knight
Sky-Knight
HCHTech
Terminal Server Questions
2 3 4
Replies
68
Views
11K
trevm999
trevm999
Back
Top