This section describes the different properties that you can use in the STR to configure the Platform.
...
derby.restore.path
...
Default value: ""
Set this property to set the Derby restore directory.
to configure the Platform.
Property | Description | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
mail.smtp.ssl.protocols | Default value: "TLSv1.2" Specifies the SSL protocols that will be enabled for SSL connections. The property value is a whitespace separated list of tokens, with possible values "TLSv1, TLSv1.1, TLSv1.2". | ||||||||||||
mz.codeserver.saveStateInterval | Default value: Whenever an update to the Codeserver state is made, such as when saving a workflow with a change in its APL code, the Codeserver state will have to be saved. Using this property allows you to set the minimum interval (in seconds)for how often the Codeserver saves its state to the disk. | ||||||||||||
mz.config.persistance.obfuscation | Default value: SHA-256 This property is to use the crypto algorithm for hashing data, for example, filesDefault value: Use this property to enable or disable obfuscation of configuration data stored in the
When you set this property, existing data is not automatically updated. The data for each individual configuration is stored obfuscated or in plain text when you save it. See also | mz.crypto.hash.algorithm | when you save it. See also | ||||||||||
mz.crypto.hash.algorithm | Default value: SHA-256 This property is to use the crypto algorithm for hashing data, for example, files. | ||||||||||||
mz.crypto.key.crypt | Default value: AES This property is to use the crypto algorithm to encrypt and decrypt sensitive data within communications, for example, passwords. The value can be set to AES/GCM/NoPadding for a higher level of security.
| ||||||||||||
mz.crypto.key.cryptstream | mz.dynamicconnections | Default value: This property specifies if the pico instances for Desktop, mzsh, and Service Contexts must be registered on pico hosts for access:
false - Instances must be registered on pico hosts for accessDefault value: AESPBKDF2WithHmacSHA256 This property is to use the crypto algorithm to encrypt and decrypt sensitive data within communications, for example, passwordsto encrypt configurations when you have a user password for the encryption. The value can be set to AES/GCM/NoPadding for a higher level of security PBEWithMD5AndDES.
| mz.crypto.key.stream |
Note | ||
---|---|---|
| ||
If the decryption fails when using the selected algorithm, it will try to use the other algorithm. |
mz.cryptoservice.keystore.path
Default value: ""
This property specifies the full path to the crypto service keystore file. This keystore file is used for encrypting/decrypting passwords with specific keys stored in the keystore, and needs to be of JCEKS type. See the JDK product documentation for further information about using keytool in different scenarios. See also the sections describing the mzsh encryptpassword
and mzsh reloadkeystore
in the Command Line Tool User's Guide for further information.
Default value: ""
This property specifies the password for the crypto service keystore file specified by the mz.cryptoservice.keystore.path property. This keystore is used for encrypting/decrypting passwords with specific keys stored in the keystore. See the sections describing the mzsh encryptpassword and mzsh reloadkeystore in the Command Line Tool User's Guide for further information.
Default value: false
Set this property to true
if you want to bypass the remote database validation in the Database profile. Validation requires that the configured database, tables and columns are available, and if they are unavailable when the validation is performed, the configuration and all its dependents can be marked as invalid. You can set this property if you require to validate your configuration when, or in an environment where, the database or its tables are unavailable.
Default value: "/path/to/accelerators.properties"
Set this property with the default value to set your own key bindings. You require to unpack a properties file from devkit.jar
, and go to com/digitalroute/devkit/ui/accelerators/accelerators.properties
. Save the accelerators.properties
file to disk, and set this property to enable the accelerators.properties
file.
If the decryption fails when using the selected algorithm, it will try to use the other algorithm. |
mz.cryptoservice.keystore.path
Default value: ""
This property specifies the full path to the crypto service keystore file. This keystore file is used for encrypting/decrypting passwords with specific keys stored in the keystore and needs to be of JCEKS type. See the JDK product documentation for further information about using keytool in different scenarios. See also the sections describing the mzsh encryptpassword
and mzsh reloadkeystore
in the Command Line Tool User's Guide for further information.
Default value: ""
This property specifies the password for the crypto service keystore file specified by the mz.cryptoservice.keystore.path property. This keystore is used for encrypting/decrypting passwords with specific keys stored in the keystore. See the sections describing the mzsh encryptpassword and mzsh reloadkeystore in the Command Line Tool User's Guide for further information.
Default value: false
Set this property to true
if you want to bypass the remote database validation in the Database profile. Validation requires that the configured database, tables and columns are available, and if they are unavailable when the validation is performed, the configuration and all its dependents can be marked as invalid. You can set this property if you require to validate your configuration when, or in an environment where, the database or its tables are unavailable.
Default value: "/path/to/accelerators.properties"
Set this property with the default value to set your own key bindings. You require to unpack a properties file from devkit.jar
, and go to com/digitalroute/devkit/ui/accelerators/accelerators.properties
. Save the accelerators.properties
file to disk, and set this property to enable the accelerators.properties
file.
Default value: true
This property specifies if the pico instances for Desktop, mzsh, and Service Contexts must be registered on pico hosts for access:
true
- Instances always have access.
false
- Instances must be registered on Pico hosts for access.
Default value: "^.*_anon_.*$, ^SSL_.*$, ^(.*(3DES)).*$, ^.*_DHE_.*$
"
This property allows you to use regex to manually disable the Java security cipher suite when using any Picos to connect to the Platform with SSL enabled. This property is used when the Platform uses a different Java version than the rest of the Picos. As there may be differences in the security ciphers between versions, the property aims to disable these ciphers to allow the Picos to communicate with the Platform.
Default value: "default"
If the compilation of is the system is slow after you import a new configuration, set this property to determine the javac Javac version to be used. The possible values are 7, 8 or default. Setting this value to "7" may improve the compilation time.
Default value: $MZ_HOME/etc
This property specifies the directory that contains the installation the installation license file i e .e. mz.license
.
mz.mailserver
Default value: ""
This property specifies the name or IP address of the mail server to be used for event-generated e-mails.
Note |
---|
The use of this property has been deprecated and will removed in future releases. Use the property |
Default value: false
Enables SMTP authentication.
Note |
---|
The use of this property has been deprecated and will removed in future releases. Use the property |
Default value: ""
Set the SMTP user to be used for login when having enabled SMTP authentication with the mz.mailserver.auth
property.
Default value: false
Set this property to true if you want to enable SMTP authentication. If set to true
, you also need to add the properties mz.mailserver.auth.user
andmz.mailserver.auth.password
.
Default value: ""
This property specifies the name or IP address of the mail server to be used for event-generated e-mails.
Default value: ""
Set the encrypted password to be used for the SMTP user stated in the mz.mailserver.auth.user
property when having enabled SMTP authentication with themz.mailserver.auth
property.
To encrypt the password, use the mzsh encryptpassword
command, and enter the result in this field. See the Command Line user documentation for further information on how to use this command.
Default value: 25/587
Use this property to configure which port you want to used for sending event-generated e-mails. When the mz.mailserver.auth
property is not used, i e set to false
, the default value is 25
. When the mz.mailserver.auth
is set to true
, the default value is 587
.
mz.notifier.mailfrom
Default value: ""
This property specifies the sending e-mail address to be used for event-generated e-mails. You must enter an e-mail address for an event notification to be sent by e-mail.
Default value: true
This property enables the cache during a system import.
Default value: 5
Use this property to configure a cache for the external references by entering the number of seconds you want the cache to live. If you require to disable the cache, for example in a development enviromentenvironment, set the value to 0.
Default value: 5
Use this property to configure a cache for the external references stored on an S3 Container by entering the number of seconds you want the cache to live. This will only work when you have the S3 Properties File selected in your external reference profile. If you require to disable the cache, for example in a development environment, set the value to 0.
mz.platform.wf.max.concurrent.starts
This property decides how many workflows that can start loading at the same time. No limit is set for actual running workflows.
Warning |
---|
Only change the property if support has expressly recommended it. It is normally not recommend recommended to change this property since it can introduce some instability. |
Default value: 10
This is a platform property that controls the number of threads used for the thread pool used by the workflow and group servers.
If you have a very large batch system with a lot of scheduling and workflows that are starting and stopping frequently, this property might need to be increased to get more threads.
Default value: false
Enables or disables the password
expiration check.
If both properties above are set to true, the user is required to change the password every N days set in
mz.security.max.password.age.admin
and mz.security.max.password.age.user
.
Note | ||
---|---|---|
| ||
This property is only applicable when |
Default value: 30
This property specifies the maximum password age for administrator users in days.
Please refer mz.security.max.password.age.
enabled columnenabled
column.
Note | ||
---|---|---|
| ||
This property is only applicable when |
Default value: 90
This property specifies the maximum password age for users in days.
Please refer mz.security.max.password.age.
enabled column.enabled
column.
Note | ||
---|---|---|
| ||
This property is only applicable when |
Default value: 12
This property specifies how
many passwords back that are required to be unique before reusing an old password.
Note | ||
---|---|---|
| ||
This property is only applicable when |
mz.security.user.control.enabled
Default value: false
This property enables or disables enhanced user security. If set to true
, a number of rules regarding the passwords apply as soon as the platform is restarted. For information about enhanced user security, see 6.1 Access Controller in the Desktop User's Guide.
Note | ||
---|---|---|
| ||
At installation of |
Default value: 8
This property specifies the minimum total number of characters in a password.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: 1
This property specifies the minimum number of uppercase characters and numeric characters in a password.
Default value: The password needs
to be at least 8 characters.
The message to be displayed for the user when they have not met the condition for the minimum
length of the password.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: [A-Z0-9]
|
Default value:
8
1
This property specifies the minimum number of uppercase characters and numeric characters in a password.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: The password needs
at least
one capital letter or a number in it.
The message to be displayed for the user when they have not met the condition for the minimum
number of upper case or numerical characters in the password.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: ""
|
Default value:
""
[A-Z0-9]
The
pattern of the permitted values in the regular expression. The password will be matched to the pattern to determine if the condition is met.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: ""
|
Default value: 1
This property specifies the minimum number of special characters, e g number or capital letter, in a password.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: false
This property enables or disables the password reset feature.
Setting this property totrue
will prompt users to change their password when logging in to after password reset by mzadmin
If both properties above are set to true
, new user is required to change password during their first login.
If admin reset password for a user, the user is also required to change password when they re-login.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: false
Use this property to restrict user login to one instance for each interface type, i e Desktop, Web Interface, and Command Line Tool mzsh.
This property determines the port range used by services. The system will bind to ports in the provided ranges. The values must not overlap with the ports used by SCs that are running on the same host.
This property contains one or more service-specific identifiers that sets set behaviors, that are required by services that run on the Platform.
mz.statistics.collect.all
Default value: true
This property enables or disables the collection of all statistics on the Platform. When you set this property to false
, it overrides mz.statistics.collect.pico
and mz.statistics.collect.workflow
.
mz.statistics.collect.pico
Default value: true
This property enables or disables the collection of pico statistics on the Platform.
mz.statistics.collect.workflow
Default value: true
This property enables or disables the collection of workflow statistics on the Platform.
Default value: false
This property determines if the subfolders feature in Desktop is enabled or disabled. If you want to enable the subfolders feature in Desktop, set the value to true.
mz.subfolder.separator
Default value: "_"
This property determines the separator you can use when naming folders in on the Desktop so that the subfolders feature is enabled. The valid values are "-"
or "_"
.
Default value: 500000
This property determines the maximum number of search results when you run a search in the System Log.
mz.ultra.bitfield.codec
Default value: "false"
This property selects the implementation that is to be used for ultra bit_block. If set to “true”, the newly selected implementation will be used. Values that are not set using this property will use the old implementation.
Default value: ""
If you want to set any XML data type to be converted into a string, you must set the value of this property to the data type you intend to convert. For example, if you wish to have all decimal data type types be handled as stringstrings, set the value of this property to decimal
.
For further information on XML schema support, see 18. XML Schema Support.
Default value: off
If you want to use XML union element type, you must enable this property .
If you want to use unions and restrictions inside unions, set this property to union
. If you want to use restrictions everywhere, including inside union type, set this property to on
. For further information on XML schema support, see 18. XML Schema Support.
mz.use.date.timezone
Default value: false
Setting this property to true
will instruct to the system to use the attached time zone when SQL input originates from a date object.
In most cases, the property should be set in the pico configuration of EC/ECSAs. However, in case of audit processing, the property should also be set in the pico configuration of the Platform.
Note that if the mz.use.date.timezone
property is used for setting dates with another time zone, there will be no way of keeping track of the actual time zone in the database, and you may have to manually convert the date during selection. To keep track of the time zone in an Oracle database, use the data type TIMESTAMP WITH TIME ZONE.
Default value: false
Setting this property to true
will limit the password change to only once per day.
User from the Administrator Group is not restricted by this property.
Note | ||
---|---|---|
| ||
This is only applicable when values of both |
Default value: false
Setting this property to true
will disable user accounts with inactivity exceeding 90 days. However, system accounts (admin accounts) are not affected by this.
Note | ||
---|---|---|
| ||
This is only applicable when the value of |
Default value: ""
Setting this property with an encrypted password will change the mzadmin password at platform startup.
For information about how to reset the mzadmin password, see 2.9 Resetting the mzadmin Password.
Note | ||
---|---|---|
| ||
This property should always be removed when not being used. Otherwise, the mzadmin password will be reset at every platform startup. |
Default value: false
If you add this property with the value true
, files or configurations with more than one underscore at the beginning of the name are not visible from the Desktop after you restart the Platform.
Default value: none
Use this property to enable or disable obfuscation of user data stored in the MZ_HOME/data
folder:
none
- Data is not obfuscated when saved. cannot The system cannot read obfuscated data.readwrite
- Data is obfuscated when saved. can The system can read both obfuscated and plain text data.read
- Data is not obfuscated when saved. can The system can read obfuscated data. Use this value when you want to convert obfuscated to plain text.
When you set this property, existing data is not automatically updated. The data for each individual configuration is stored obfuscated or in plain text when you save it.
See also mz.config.persistance.obfuscation
.
mz.userserver.filebased
Default value: true
This property specifies if user and access group data should be stored to on disk instead of the database.
Note | ||
---|---|---|
| ||
The possibility to store user and access group data in the database will be removed in future releases and itis it is therefore highly recommended to set the value of this property to |
mz.wi.host
Default value: Taken from the common property pico.rcp.server.host
.
This is the host IP address or hostname used to communicate with the Platform Web Interface.
mz.wi.port
Default value: 9000
This is the port used to communicate with the Platform Web Interface.
Note | ||
---|---|---|
| ||
This is the port that you use to launch the Desktop. |
Default value:""
This property adds extra value to Felix Osgi's boot delegation.
Note | ||
---|---|---|
| ||
The value of this parameter should be a string with a an extra boot delegation for Felix osgiOsgi. The value should not include a space and should not start or end with a comma. For AppDynamic monitoring tool the value should always be com.singularity.* . |
Default value: 2700
This property specifies the time (in seconds) to wait before de-registering an unreachable EC from the Platform. Once de-registered, another EC can be brought up to replace it.
An EC is considered to be unreachable when the last known state was that it was running , but has since lost contact with the Platform.
pico.rcp.tls.keystore
Default value: ""
Set this property to enable the system to use TLS for all RCP connections that are not from the local host. If this property is not set, TLS will not be used at all.
Default value: MZ_HOME/tmp
This property specifies the pico Pico temp directory you want the Platform to use.
snmp.trap.format.b
Default value: ""
Add this property and set it to true if you want to activate the new format for SNMP events corresponding to the latest MIB latest MIB definitions. If this property is not included, or if it is set to false, the previous invalid format will apply, which may be useful for backwards backward compatibility reasons.
Scroll ignore | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||