Navigation
OperationsUpdated July 3, 2026

Cogito WMPI - Knowledge Transfer

operationsknowledge-transfercogitoanalyticswmpimpiazureepicsql-dbanon-prod

Cogito Epic on Azure Knowledge Transfer CloudTest WMPI

The following Optum and Accenture team members were identified as key stakeholders for Cogito Admin and SQL DBA related knowledge transfer:

Key Stakeholders for Cogito Admin and SQL DBA Knowledge Transfer

NameOrganization
Jordan LambertOptum
Maria SnelgroveOptum
Nicholas HesterOptum
Lakshminarayanan, VenkatesanOptum
John BrownleeOptum
Chung ChauOptum
Angelea MorrisAccenture
Laura VaughnAccenture
Michael YimerAccenture

The following items were identified as requiring Knowledge Transfer to transition the in-scope environments to the Optum Cogito and SQL DBA teams for ongoing support.

Server names and corresponding Epic groups

  • MPI WMPI Non-Prod VMs: Current Machines in Kuiper.csv
  • Kuiper URL: https://kuiper.uhc.com
  • System Pulse URL:
  • MPI WMPI BOM: 11-22-24_Epic_Automation_Bom_Template - Cogito - MPI
  • Azure Citrix Login - MPI WMPI Citrix Workspace
  • Azure Cogito Server List - Azure Cogito Server List.xlsx

Server Naming Conventions

3.4 Virtual Machine Naming Convention

To ensure consistency across all resources, it is important to follow a standard naming convention. A standardized format will allow for resources, such as virtual machines, to be easily identifiable.

VM Naming Convention

This standard naming convention will be used for naming hosts in Azure VMs:

  • Position 1: Hosting Platform

    • Z = Azure
    • A = AWS
    • G = Google
    • O = Oracle Cloud
    • etc.
  • Position 2: Region

    • E = East
    • C = Central
    • W = West
  • Position 3: Environment

    • P = Prod
    • N = Non-Prod
    • D = Dev
    • R = Disaster Recovery
    • S = Shared
  • Position 4: OS Platform Type

    • W = Windows
    • L = Linux
  • Position 5: Purpose

    • AD = Active Directory
    • EPS = Epic Print Server
    • KUI = Kuiper
    • BCA = etc.
  • Position 6: Instance Identifier

    • EE = Epic East
    • EW = Epic West
    • CL = Community Lead
  • Position 7: Series Number

    • Starting at 001, incrementing as required.

Note: Server hostnames will vary from 13–15 characters depending on role and/or purpose.

Confirm Server Access & corresponding tools required for access

  • Ensure access to Hashicorp Vault https://vault.uhg.com
  • Namespaces: Aide-0085665 (West), Aide-0085666 (East)
  • Used for Static secrets
  • Local admin passwords
  • Msnonprod service accounts
  • Cloudtest infrastructure – ONLY Epic infrastructure in msnonprod domain
  • Msnonprod.dsnonprod.uhc.com
  • EMPs or ESMP passwords
  • Etc.
  • Ensure access to Cyberark (same as on-prem) https://cyberark.optum.com/PasswordVault/v10/logon
  • View and Copy service account passwords
  • Domain based secrets
  • Naming convention is incorrect in Cyberark. The service accounts are in the ms.ds.uhc.com domain and will work for MPI build.
  • It is now accessible from Cloud SAW
  • Ensure access to Cloud SAW
  • VMWare Horizon
  • Cloud SAW is the preferred way to RDP into Azure VMs
  • Request Cloud SAW access via Secure
  • Application: Secure Workbench
  • Choose Create New ID to populate with Secondary ID
  • If one does not exist, it will create a secondary ID for use.
  • Role: Cloud SAW
  • Ensure your elevated credentials are in the AD group below for your secondary account:
  • Optum_National_Epic_COE_Cogito_DBA_Primary
  • Optum_National_Epic_COE_Cogito_DBA_Secondary
  • OPTUM_SQLSERVER_DBA01APPWIN
  • Check adlookup.optum.com to ensure access has been granted

Azure Access

List of deliverables

  • Artifactory Cogito Folder: repo1.uhc.com
  • Quick Reference Guide: Optum_Epic on Azure Infrastructure - Quick Reference Guide.xlsx
  • Low-level Design Document: Low-Level_Design_v1.0.docx
  • Deployment Plans: Deployment Plan
  • Epic IP Address Allocation: EPIC IP Address Allocation-100%CDO.xlsx
  • Network Architecture Diagram: Optum - Network Diagrams Draft v2.6-updated2.vsdx

Architecture & Business Continuity (DR considerations/config for specific environments)

This will be applicable for Production. It is not applicable for non-prod.

Server configuration details

  • Please see the Bill of Materials that were used to request the infrastructure that has been deployed here: Deployed

Application Config details

This will be applicable for Production. It is not applicable for non-prod.

Monitoring

  • System Pulse has been configured to match on-prem Alert Defs and users have been added to appropriate groups. Please ensure your account has Administrator access, the ECSA alerting group members are up-to-date, and that all the appropriate alerts are configured. https://systempulse.uhc.com/SystemPulse
  • SMTP server: mailo2.uhc.com

SOP for admin tasks (e.g. add new disk, expand disk, upgrade SKU, add new machine, start/stop server, etc.)

  • Disk Expansion/New Disk

  • Work with Cloud Operations to update managed disk prior to the Cogito Admin or SQL DBA making the configuration

  • Expand Disks Instructions.docx

  • Upgrade SKU

  • Work with Optum Infrastructure Team to update SKU.

U. Patching Schedule / Process (Windows)

  • This is out of scope for the Epic on Azure team.
  • Details should be shared by Cloud Operations.

Environment Servers

  • West Hub
  • Central Hub
  • East Hub
  • Training
  • Development
  • Confirm
  • Full Sized Copies
  • Disaster Recovery (DR)
  • Prod Support

Production Patching Schedule

  • 3rd Sunday
    • Time: 8 PM – 11 PM CST

Support Transition

  • Accenture Team will provide Hypercare through Monday, August 4, 2025
  • Optum’s Cogito and SQL DBA teams will take over ongoing support starting Monday, August 16, 2025

Task 1: Cogito Deployment Notes

First-Time Server Login Commands

  • Delete RPC Registry Key

    Remove-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\RPC" -Force -Recurse
    
  • Turn Off Firewall

    Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled False
    
  • DNS/A Record Registration

    • Each Cogito VM must be registered with the service desk.
    • Example of request form available.
  • Install .NET 3.5

    • Map to: \\epicfilesnp.uhc.com\technical\Epic_Azure\WindowsUpdate\sources\sxs
    • Copy to: C:\sxs
    • Update alternate path in install to: C:\sxs
  • SSL Listener Configuration (Run only if listener exists)

    winrm delete winrm/config/listener?Address=*+Transport=HTTPS
    winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="[certificate name]"}
    winrm enumerate winrm/config/Listener
    Setspn –L [server name]
    

PowerShell Validation Tasks

Task 2.3.5 & 5.3.5: Enable High Performance Mode

Powercfg /list

Task 2.4.4 & 5.4.3: Create Filesystems

Get-WmiObject Win32_Volume | select Label,Name,BlockSize | sort -Property Label

Task 2.4.6 & 5.4.5: Verify Kernel-Only Memory Dump Is Enabled

Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl" | Select-Object -Property DumpType

Task 2.4.7 & 5.4.6: Configure Windows TCP Parameters

Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" | Select-Object KeepAliveTime, TcpTimedWaitDelay, MaxUserPort
``` build.
- It is now accessible from Cloud SAW
- Ensure access to Cloud SAW
- VMWare Horizon
- Cloud SAW is the preferred way to RDP into Azure VMs
- Request Cloud SAW access via Secure
- Application: Secure Workbench
- Choose Create New ID to populate with Secondary ID
- If one does not exist, it will create a secondary ID for use.
- Role: Cloud SAW
- Ensure your elevated credentials are in the AD group below for your secondary account:
- Optum_National_Epic_COE_Cogito_DBA_Primary
- Optum_National_Epic_COE_Cogito_DBA_Secondary
- OPTUM_SQLSERVER_DBA01APPWIN
- Check adlookup.optum.com to ensure access has been granted

# Azure Access

- Ensure log in and access to Virtual Machine details located in the portal <https://portal.azure.com>

# List of deliverables

- Artifactory Cogito Folder: repo1.uhc.com
- Quick Reference Guide: Optum_Epic on Azure Infrastructure - Quick Reference Guide.xlsx
- Low-level Design Document: Low-Level_Design_v1.0.docx
- Deployment Plans: Deployment Plan
- Epic IP Address Allocation: EPIC IP Address Allocation-100%CDO.xlsx
- Network Architecture Diagram: Optum - Network Diagrams Draft v2.6-updated2.vsdx

# Architecture & Business Continuity (DR considerations/config for specific environments)

This will be applicable for Production. It is not applicable for non-prod.

# Server configuration details

- Please see the Bill of Materials that were used to request the infrastructure that has been deployed here: Deployed

# Application Config details

This will be applicable for Production. It is not applicable for non-prod.

# Monitoring

- System Pulse has been configured to match on-prem Alert Defs and users have been added to appropriate groups. Please ensure your account has Administrator access, the ECSA alerting group members are up-to-date, and that all the appropriate alerts are configured. <https://systempulse.uhc.com/SystemPulse>
- SMTP server: mailo2.uhc.com

# SOP for admin tasks (e.g. add new disk, expand disk, upgrade SKU, add new machine, start/stop server, etc.)

- Disk Expansion/New Disk
- Work with Cloud Operations to update managed disk prior to the Cogito Admin or SQL DBA making the configuration
- Expand Disks Instructions.docx

- Upgrade SKU
- Work with Optum Infrastructure Team to update SKU.

# Patching Schedule / Process (Windows)

- This is **out of scope** for the Epic on Azure team.
- Details should be shared by **Cloud Operations**.

---

## Environment Servers

- **West Hub**
- **Central Hub**
- **East Hub**
- **Training**
- **Development**
- **Confirm**
- **Full Sized Copies**
- **Disaster Recovery (DR)**
- **Prod Support**

---

## Production Patching Schedule

| Environment | Day        | Time (CST)  |
|------------ |----------- |------------ |
| Prod        | 3rd Sunday | 2 AM – 4 AM |
| Prod        | 3rd Sunday | 3 AM – 5 AM |

---

## Support Transition

- **Accenture Team** will provide **Hypercare** through **Friday, June 13, 2025**
- **Optum’s Cogito and SQL DBA teams** will take over ongoing support starting **Monday, June 16, 2025**

---

# Checklist #229784 - Cogito Install Task List Cloud WMPI (West)

## Task 1: Cogito Deployment Notes

### First-time Server Login Commands

- **Delete RPC Registry Key**:
  ```powershell
  Remove-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\RPC" -Force -Recurse

This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Accenture Team will provide Hypercare through Friday, June 13, 2025; Optum’s Cogito and SQL DBA teams will take over ongoing support for this environment starting Monday, June 16, 2025.

Checklist #229784 - Cogito Install Task List Cloud WMPI (West)
Task 1. Cogito Deployment Notes
First time logging into each server the following commands must be run:
Delete RPC Reg key
Remove-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\RPC" -Force -Recurse
Turn-off firewall
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled False
Each Cogito VM DNS/A record must be registered with the service desk. Example of request form.
Install 3.5 .Net to all Cogito Servers
To install .NET 3.5 this can be done by mapping to this folder and copying \\epicfilesnp.uhc.com\technical\Epic_Azure\WindowsUpdate\sources\sxs to C:\sxs. Update the alternate path in the install to C:\sxs
After the CA certificates have been installed and SSL setup is complete on all Cogito servers the following command must be run.
(Only run this command if the listener already exists)winrm delete winrm/config/listener?Address=*+Transport=HTTPS
winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="[certificate name]"}
winrm enumerate winrm/config/Listener
Setspn –L [server name]
Task 2.3.5. Enable High Performance Mode - Powershell command to check for high performance mode
Powercfg /list
Task 2.4.4. Create Filesystems - Powershell command to check filesystems setup
Get-WmiObject Win32_Volume | select Label,Name,BlockSize | sort -Property Label
Task 2.4.6. Verify that Kernel-Only Memory Dump is Enabled - Powershell command to confirm that Kernel-Only Dump is Enabled
Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl" | Select-Object -Property DumpType
Task 2.4.7. Configure Windows TCP Parameters - Powershell command to confirm TCP Parameters
Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" | Select-Object KeepAliveTime, TcpTimedWaitDelay, MaxUserPort
Task 5.3.5. Enable High Performance Mode - Powershell command to check for high performance mode
Powercfg /list
Task 5.4.3. Create Filesystems - Powershell command to check filesystems setup
Get-WmiObject Win32_Volume | select Label,Name,BlockSize | sort -Property Label
Task 5.4.5. Verify Kernel-Only Memory Dump Is Enable- Powershell command to confirm that Kernel-Only Dump is Enabled
Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl" | Select-Object -Property DumpType
Task 5.4.6. Configure Windows TCP Parameters - Powershell command to confirm TCP Parameters
Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" | Select-Object KeepAliveTime, TcpTimedWaitDelay, MaxUserPort


## Task 1: Cogito Deployment Notes

### First-time Server Login Commands

- **Delete RPC Registry Key**:
  ```powershell
  Remove-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\RPC" -Force -Recurse


This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Accenture Team will provide Hypercare through Monday, August 4, 2025; Optum’s Cogito and SQL DBA teams will take over ongoing support for this environment starting Monday, August 16, 2025.
200712 / Cogito Install Task List MPI (West)
Task 1. Cogito Deployment Notes

- First time logging into each server the following commands must be run:
- Delete RPC Reg key
Remove-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\RPC" -Force -Recurse
- Turn-off firewall
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled False
- Each Cogito VM DNS/A record must be registered with the service desk. Example of request form.
- Install 3.5 .Net to all Cogito Servers
- To install .NET 3.5 this can be done by mapping to this folder and copying \\epicfilesnp.uhc.com\technical\Epic_Azure\WindowsUpdate\sources\sxs to C:\sxs. Update the alternate path in the install to C:\sxs
- After the CA certificates have been installed and SSL setup is complete on all Cogito servers the following command must be run.
- (Only run this command if the listener already exists)winrm delete winrm/config/listener?Address=*+Transport=HTTPS
- winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="[certificate name]"}
- winrm enumerate winrm/config/Listener
- Setspn –L [server name]
- Confirm that all servers are set to CST time.
- Task 2.3.5. Enable High Performance Mode - Powershell command to check for high performance mode
- Powercfg /list
- Task 2.4.4. Create Filesystems - Powershell command to check filesystems setup
- Get-WmiObject Win32_Volume | select Label,Name,BlockSize | sort -Property Label
- Task 2.4.6. Verify that Kernel-Only Memory Dump is Enabled - Powershell command to confirm that Kernel-Only Dump is Enabled
- Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl" | Select-Object -Property DumpType
- Task 2.4.7. Configure Windows TCP Parameters - Powershell command to confirm TCP Parameters
- Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" | Select-Object KeepAliveTime, TcpTimedWaitDelay, MaxUserPort
- Task 5.3.5. Enable High Performance Mode - Powershell command to check for high performance mode
- Powercfg /list
- Task 5.4.3. Create Filesystems - Powershell command to check filesystems setup
- Get-WmiObject Win32_Volume | select Label,Name,BlockSize | sort -Property Label
- Task 5.4.5. Verify Kernel-Only Memory Dump Is Enable- Powershell command to confirm that Kernel-Only Dump is Enabled
- Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl" | Select-Object -Property DumpType
- Task 5.4.6. Configure Windows TCP Parameters - Powershell command to confirm TCP Parameters
- Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" | Select-Object KeepAliveTime, TcpTimedWaitDelay, MaxUserPort
- Task 9.5.9. - Comment #1 - Clarity Console Execution Clarity and Caboodle SQL Metric Error.
- Task 11.9.1. - Comment #1 - Caboodle Nightly Execution failing due to packages not enabled for EligibilityEventFact.