Configuration
Configuration
The settings below are taken from the file /usr/local/mk/conf/opCommon.nmis (a text file).
The settings detailed here are used across all Opmantek commercial applications.
You may need to restart the omkd daemon / service after making changes to these items.
Application specific configuration items can be found under the wiki space for the given application.
Common Settings to Consider Adjusting
You will need to change the email settings to that of your email server.
Authentication
Section | Name | Original Value |
| Possible Values | Description |
|---|---|---|---|---|---|
authentication | auth_crowd_password |
|
| <password> |
|
authentication | auth_crowd_server |
|
| <ip> |
|
authentication | auth_crowd_user |
|
| <username> |
|
authentication | auth_expire_seconds | 3600 |
| <integer> |
|
authentication | auth_htpasswd_encrypt | crypt |
| crypt, plaintext, apache-md5 |
|
authentication | auth_htpasswd_file | <omk_conf>/users.dat |
| <relative filepath> |
|
authentication | auth_lockout_after | 0 |
| <integer> | seconds, 0 for none. |
authentication | auth_login_motd | Authentication required: default credentials are nmis/nm1888 |
|
|
|
authentication | auth_method_1 | htpasswd |
| htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect | openid_connect supported as at April 2021. See below. |
authentication | auth_method_2 |
|
| htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect |
|
authentication | auth_method_3 |
|
| htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect |
|
authentication | auth_ms_ldap_attr | sAMAccountName |
|
|
|
authentication | auth_ms_ldap_base | CN=Users,DC=your_domain,DC=com |
| <ldap> |
|
authentication | auth_ms_ldap_debug | true |
| true, false |
|
authentication | auth_ms_ldap_dn_acc | CN=Administrator,CN=Users,DC=your_domain,DC=com |
|
|
|
authentication | auth_ms_ldap_dn_psw | your_administrator_password |
| <password> |
|
authentication | auth_ms_ldap_group | CN=Users,DC=your_domain,DC=com |
| <ldap> |
|
authentication | auth_ms_ldap_server | your.ip.address.here |
| <ip> |
|
authentication | auth_ms_ldaps_capath | required |
|
|
|
authentication | auth_ms_ldaps_server | your.ip.address.here |
| <ip> |
|
authentication | auth_ms_ldaps_verify |
|
|
|
|
authentication | auth_sso_domain |
|
| <domain> |
|
OKTA OpenID specific
Section | Name | Original Value |
| Possible Values | Description |
|---|---|---|---|---|---|
authentication | auth_method_1 | openid_connect |
|
| Set as per this entry to enable. |
authentication → auth_openid_connect | type | okta |
|
| As at April 2021, only OKTA is tested and supported |
authentication → auth_openid_connect | url | https://YOUR_SUBDOMAIN.okta.com/oauth2/default/v1/token |
|
| You should replace YOUR_SUBDOMAIN with the subdomain provided by OKTA. |
authentication → auth_openid_connect | password | password |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect | test_error | error_description |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect | test_success | access_token |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect | username | username |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → post | client_id | YOUR_CLIENT_ID |
|
| You should replace YOUR_CLIENT_ID with the client id provided by OKTA. |
authentication → auth_openid_connect → post | client_secret | YOUR_CLIENT_SECRET |
|
| You should replace YOUR_CLIENT_SECRET with the client secret provided by OKTA. |
authentication → auth_openid_connect → post | grant_type | password |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → post | scope | openid |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → post | password |
|
|
| Do not set. |
authentication → auth_openid_connect → post | username |
|
|
| Do not set. |
authentication → auth_openid_connect → headers | accept | application/json |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → headers | content_type | application/x-www-form-urlencoded |
|
| OKTA specific (do not change). |
Core
Some core web application settings.
Section | Name | Original Value |
| Possible Values | Description |
|---|---|---|---|---|---|
core | max_backup_files | 50 |
| <integer> |
|
core | websocket_proxy_port | undef |
| <integer> |
|
Database
The database section contains connection details to your MongoDB database.
Section | Name | Original Value |
| Possible Values | Description |
|---|---|---|---|---|---|
database | db_admin_port | 28017 |
| <integer> |
|
database | db_connection_timeout | 20000 |
| <integer> |
|
database | db_name | nmis |
| <name> |
|
database | db_password | op42flow42 |
| <password> |
|
database | db_ping_timeout | 2000 |
| <integer> |
|
database | db_port | 27017 |
| <integer> |
|
database | db_query_timeout | 5000 |
| <integer> |
|
database | db_server | localhost |
| <hostname> |
|
database | db_use_v26_features | 1 |
| <integer> |
|
database | db_username | opUserRW |
| <username> |
|
database | db_write_concern | 1 |
| <integer> |
|
Directories
Section | Name | Original Value |
| Possible Values | Description |
|---|---|---|---|---|---|
directories |