Table of Contents |
---|
...
Introduction
There are several user configuration attributes within NMIS8 that administrators should consider changing to better suit their environment.
Related Wiki Space:
https://community.opmantek.com/x/BgAF
Settings
Authentication
The authentication section allows for many customizations such as login banner, keys, authentication servers, etc. Here's an example of how to use an AD server for external authentication: https://community.opmantek.com/x/WgC2
...
Below are a few commonly changed configuration items when installing a new NMIS.
Authentication
Category | Configuration | Original Value | Possible Values | Link | Description |
---|---|---|---|---|---|
authentication | auth_cookie_flavour | nmis | nmis, omk | User Management in NMIS8 | To configure NMIS to share authentication cookies with Opmantek Applications, it is necessary that you change the configuration item auth_cookie_flavour from the default "nmis" to "omk" and set the configuration item auth_web_key to the same value as the OMK application's first omkd_secrets configuration. |
authentication | auth_default_groups | As above | When accessing NMIS, you have a choice on how to handle authenticated users who do not have authorisations defined, you can reject them, or you can allow them default access. This is so that you do not have to define every user in the system if the authentication system is providing a reduced list of users, to have the users become an operator or guest by default and be able to see all groups of devices, the following would apply. 'auth_default_privilege' => 'guest', 'auth_default_groups' => 'all'. To prevent default authorisation, simply define them as blank, which is the default in the NMIS8 Install configuration. | ||
authentication | auth_default_privilege | As above | As above for auth_default_groups | ||
authentication | auth_ldap_context | ou=people,dc=opmantek,dc=com |
...
As above | The base of context to attempt to bind to | ||
authentication | auth_ldap_server | 192.168.1.5 |
...
<ip> | As above | The LDAP server to use for autheitcation. | |||
authentication | auth_method_1 | htpasswd | As above | In the NMIS configuration you can configure multiple methods which are used for auth failure, so if ms-ldap fails, it will fail back to htpasswd for example. This means if you set auth_method_1 to be ldap and auth_method_2 to be htpasswd, and login with the default NMIS credentials (and you have not changed the password), the authentication for LDAP will fail, and then authentication with the users.dat will succeed and the user will be logged in. | |
authentication | auth_method_2 | As above | As above for auth_method_1 | ||
authentication | auth_ms_ldap_base |
...
dc=corp,dc=opmantek,dc=com |
...
As above | The LDAP Base to search from | ||
authentication | auth_ms_ldap |
...
_dn_acc | nmis | As above | The DomainName\account to bind with | |
authentication | auth_ms_ldap_ |
...
NMIS can send email based on alerts. Edit the email attributes below to suit your organization.
Code Block |
---|
'email' => {
'mail_server' => '127.0.0.1',
'mail_server_ipproto' => undef,
'mail_combine' => 'true',
'mail_domain' => 'yourdomain.com',
'mail_from' => 'nmis@yourdomain.com',
'mail_from_reports' => 'nmis-reports@yourdomain.com',
'mail_use_tls' => 'false',
'mail_server_port' => '25',
'mail_user' => 'your mail username',
'mail_password' => ''
}, |
System
The System section has many attributes. We recommend reading through them as it will provide some insight into what level of customization is available. At a minimum set the server_name accordingly.
...
dn_psw | XXXXXXXXX | As above | The password for the above | ||
authentication | auth_ms_ldap_server | 192.168.1.5 | <ip> | As above | The Active Directory server to use for authentication |
authentication | auth_sso_domain | As above | |||
authentication | auth_user_name_regex | [\w \-\.\@\`\']+ | <regex> | As above |
Category | Configuration | Original Value | Possible Values | Link | Description |
---|---|---|---|---|---|
mail_combine | true | true, false | NMIS8 Email | ||
mail_domain | yourdomain.com | <domain> | As above | ||
mail_from | nmis@yourdomain.com | <email> | As above | ||
mail_from_reports | nmis-reports@yourdomain.com | <email> | As above | ||
mail_password | <password> | As above | |||
mail_server | 127.0.0.1 | <ip> | As above | ||
mail_server_ipproto | ipv4, ipv6 | As above | |||
mail_server_port | 25 | <integer> | As above | ||
mail_use_tls | false | true, false | As above | ||
mail_user | your mail username | <username> | As above |
Globals
Category | Configuration | Original Value | Possible Values | Link | Description |
---|---|---|---|---|---|
globals | node_name_rule | ||||
globals | threshold_falling_reset_dampening | ||||
globals | threshold_rising_reset_dampening | ||||
globals | uuid_add_with_node | Using Unique Identifiers (UUID) for NMIS Nodes |
System
Category | Configuration | Original Value | Possible Values | Link | Description |
---|---|---|---|---|---|
system | demote_faulty_nodes | true | true, false | For nodes that have been non-collectable for a long time NMIS offers to attempt collect operations only once every 24 hours. | |
system | display_status_summary | false | true, false | NMIS Node Status | |
system | fastping_interval | Added in NMIS 9.0.3 | |||
system | fastping_target_interval | Added in NMIS 9.0.3 | |||
system | graph_cache_maxage | ||||
system | nettype_list | wan,lan,vpn,man,san,voice,default | <list> | ||
system | network_viewNode_field_list | status,outage,sysName,host_addr,host_addr_backup, group,customer,location,businessService,serviceStatus, nodeType,nodeModel,polling_policy,sysUpTime,sysLocation, sysContact,sysDescr,ifNumber,lastUpdate, nodeVendor,sysObjectName,roleType,netType | <list> | Adding or Rearranging fields in the Node Details View | Controls which fields are shown in the Node View and in what order. |
system | node_status_uses_status_summary | false | true, false | NMIS Node Status | |
system | non_stateful_events | Node Configuration Change, Node Reset, NMIS runtime exceeded | <list> | ||
system | os_username | ||||
system | polling_interval_factor | 0.9 | <decimal> | Fraction of the polling interval after which node is considered for next poll | |
system | threshold_period-interface | -15 minutes | Added in NMIS 8.5 | ||
system | threshold_period-pkts | -15 minutes | Added in NMIS 8.5 | ||
system | threshold_period-pkts_hc | -15 minutes | Added in NMIS 8.5 |