Updating default system settings
The following tables list default policy settings and configurations in the systems. System administrators can modify these values as needed to change the behavior of specific modules and features within the application.
To modify default system settings, go to System → System Default:
Parameter | Default value | Allowed value(s) | Purpose | |
|---|---|---|---|---|
| 1 | Account Password Change Max Failed Attempts | 3 | 0-999 | Set a value of how many times password change attempts are made by the vault for automated password changes. It is recommended to keep a value lower than your policy set at the asset level. |
| 2 | Account Password Checkout Timeout (Seconds) | 30 | 1-999 | Set a value (in seconds) to display the checked-out password on the screen when a user checks out a password. |
| 3 | Account Password Rotation Max No Of Threads | 5 | 1-2999 | Set a value to run X number of threads for password changes jobs. |
| 4 | Allow Edit User Logon Name | 0 | 0-1 | Configure the value as 1 in case you want to allow updation of the username by administrator |
| 5 | Allow Permanent Deletion Of Account | 0 | 0-1 | Configure the value as 1 in case you want to allow permanent deletion of the accounts from the system |
| 6 | Allow Permanent Deletion Of Asset | 0 | 0-1 | Configure the value as 1 in case you want to allow permanent deletion of the assets from the system |
| 7 | Allow Permanent Deletion Of User | 0 | 0-1 | Configure the value as 1 in case you want to allow permanent deletion of the users from the system |
| 8 | Allow Vault Access From Thin Client | 1 | 0-1 | Configure the value as 1 in case you want to allow the access of vault using thin client |
| 9 | Analytical Reports - Max Record To Show | 5000 | 1-99999 | Configure a value to set the maximum limit for analytical reports to be displayed on UI |
| 10 | Application - Host Header Injection Validation | NA | Domain name/hostname to be validated in every request header | Configure a value to set the condition for the server to respond back when one hits the URL of PAM |
| 11 | Application - Session Page Refresh Validation | 0 | 0-1 | Configure the value as 1 in case you want to validate page refresh event to avoid resubmitting last post back event |
| 12 | Application - Session Security Validation | 0 | 0-1 | Configure the value as 1 in case you want to allow users to work on multiple tabs at the same time |
| 13 | Application - Session Source IP Validation | 0 | 0-1 | Configure the value as 1 in case you want to validate user session source IP Address with requesting IP Address |
| 14 | Asset Status Timeout (Milliseconds) | 200 | 100-5000 | Configure a value to set the timeout for connectivity of an asset |
| 15 | Auto Assign Instance to User on Creation | 1 | 0-1 | Configure the value as 1 to auto assign default instance when the user is created |
| 16 | AutoStart AppService - AccountDiscovery | 0 | 0-1 | Configure the value as 1 to auto start AccountDiscovery service |
| 17 | AutoStart AppService - AccountManagement | 0 | 0-1 | Configure the value as 1 to auto start AccountManagement service |
| 18 | AutoStart AppService - AccountsLifecycle | 0 | 0-1 | Configure the value as 1 to auto start AccountsLifecycle service |
| 19 | AutoStart AppService - AssetADSync | 0 | 0-1 | Configure the value as 1 to auto start AssetADSync service |
| 20 | AutoStart AppService - AssetDiscovery | 0 | 0-1 | Configure the value as 1 to auto start AssetDiscovery service |
| 21 | AutoStart AppService - AssetStatus | 1 | 0-1 | Configure the value as 1 to auto start AssetStatus service |
| 22 | AutoStart AppService - EPMAgentServer | 0 | 0-1 | Configure the value as 1 to auto start EPMAgentServer service |
| 23 | AutoStart AppService - EPMManagement | 0 | 0-1 | Configure the value as 1 to auto start EPMManagement service |
| 24 | AutoStart AppService - Notification | 0 | 0-1 | Configure the value as 1 to auto start Notification service |
| 25 | AutoStart AppService - PasswordManagement | 0 | 0-1 | Configure the value as 1 to auto start PasswordManagement service |
| 26 | AutoStart AppService - PasswordStatusMonitoring | 0 | 0-1 | Configure the value as 1 to auto start PasswordStatusMonitoring service |
| 27 | AutoStart AppService - SatelliteVault | 0 | 0-1 | Configure the value as 1 to auto start SatelliteVault service |
| 28 | AutoStart AppService - SessionManagement | 1 | 0-1 | Configure the value as 1 to auto start SessionManagement service |
| 29 | AutoStart AppService - SpectraWorkflow | 0 | 0-1 | Configure the value as 1 to auto start SpectraWorkflow service |
| 30 | AutoStart AppService - SystemCache | 1 | 0-1 | Configure the value as 1 to auto start SystemCache service |
| 31 | AutoStart AppService - SystemCleanup | 0 | 0-1 | Configure the value as 1 to auto start SystemCleanup service |
| 32 | AutoStart AppService - SystemBackup | 0 | 0-1 | Configure the value as 1 to auto start SystemBackup service |
| 33 | AutoStart AppService - SystemEvent | 0 | 0-1 | Configure the value as 1 to auto start SystemEvent service |
| 34 | AutoStart AppService - SystemHighAvailability | 0 | 0-1 | Configure the value as 1 to auto start SystemHighAvailability service |
| 35 | AutoStart AppService - SystemLogManagement | 0 | 0-1 | Configure the value as 1 to auto start SystemLogManagement service |
| 36 | AutoStart AppService - SystemManagement | 0 | 0-1 | Configure the value as 1 to auto start SystemManagement service |
| 37 | AutoStart AppService - SystemReporting | 0 | 0-1 | Configure the value as 1 to auto start SystemReporting service |
| 38 | AutoStart AppService - UserManagement | 0 | 0-1 | Configure the value as 1 to auto start UserManagement service |
| 39 | AutoStart AppService - UserStatus | 1 | 0-1 | Configure the value as 1 to auto start UserStatus service |
| 40 | AutoStart AppService - WebAppHighAvailability | 0 | 0-1 | Configure the value as 1 to auto start WebAppHighAvailability service |
| 41 | Browser RDP Parameters | /bpp:16 /gdi:sw -wallpaper -aero -window-drag -menu-anims -themes +fonts +compression -mouse-motion +bitmap-cache -offscreen-cache +glyph-cache -async-input -async-update -async-channels | RDP Parameters | Configure the value of the “BrowserRDP_Parameters” option to configure multiple properties like wallpaper, themes, animations, etc., during the RDP Over Browser session. |
| 42 | Browser RDP Version | 2 | 1-2 | Configure a value to set the version for RDP over Browser |
| 43 | Browser SSH Version | 1 | 1-2 | Configure a value to set the version for SSH over Browser |
| 44 | Collect Asset Information Hours - EPMAgentServer | 24 | 1-999 | Configure a value to retrieve EPM asset information like Administrators, Processes, Softwares and Agent status |
| 45 | Compress Data Time Frame (hh:mm-hh:mm) | 02:00 - 04:00 | 00:00 - 23:59 | Configure the timeframe for System Cleanup. The default value is 02:00 - 04:00. |
| 46 | Enable Secure Link For Account Credentials | 0 | 0-1 | Configure the value as 1 to send a secure link for password checkout when password access is requested |
| 47 | Enable Session Video Logs Server | 0 | 0-1 | Configure the value as 1 to enable session video log server to store session recordings |
| 48 | From Header Default Date Range | 7 | 1-30 | Configure a value to the set date range to be appeared in the header |
| 49 | Group Mapping Process Version | 1 | 1-2 | Configure a value to select the version for account group and user group mapping process |
| 50 | Jump Server Startup Program | C:\\Sectona.Client.Vault\\Sectona.Client.Vault.exe | Any path from the system (Sectona Client Vault should be present at the specified path) | Configure a path of startup program for Jump Server |
| 51 | Network Discovery Timeout (Minutes) | 30 | 1-999 | Configure a value to set timeout limit for network discovery job |
| 52 | Process Run Every Days - SystemCleanup | 30 | 1-999 | Configure a value to set recurring day to run the SystemCleanup service |
| 53 | Re-authenticate User On Session Reconnect | 0 | 0-1 | Configure the value as 1 to authenticate user every time the session gets reconnected |
| 54 | Risk View Default No of From Days | 25 | 1-30 | Configure a value to set the maximum limit for days from which risk viewgraph can be drawn |
| 55 | Route Account Operation Via SessionProxy | 0 | 0-1 | Configure the value as 1 to operate account operations such as password change through session proxy |
| 56 | Sectona URI Launcher Client Root Directory | temp | temp or AppData | Configure a directory to store client session information |
| 57 | Sectona URI Launcher Client Sub Directory | Sectona | Any Directory name | Configure a sub directory for storing client session information |
| 58 | Sectona URI Launcher System Client Version | 1100 | 1100-9999 | Configure the appropriate value to specify current System Client Version |
| 59 | Session Management Keep Alive Time (Minutes) | 3 | 1-9 | Configure a value to set limit for session to be terminated after inactivity |
| 60 | Session View Default No of From Days | 7 | 1-30 | Configure a value to set maximum limit for session view to be displayed |
| 61 | Show Asset Filters On MyAccess UI | 0 | 0-1 | Set the default value to 1 to get the asset category and asset type filter like the web application. The asset list will be displayed as per the selected values. Set the default value to 0 to get the asset list as per the active mapping policy. |
| 62 | Show MFA AccessKeys On UI | 0 | 0-1 | Configure the value as 1 to make MFA secret and shared keys visible on UI |
| 63 | Support License Expiry Alert Before (Days) | 5 | 0-99 | Configure a value to set the limit for support license expiry alert |
| 64 | Sync User Status From Directory Store In UserStatusService | 0 | 0-1 | Configure the value as 1 to syc Active directory user operations with PAM, so that if a user is disabled or deleted from AD then it will be marked inactive on PAM. |
| 65 | Syslogs Retention Period In Days | 90 | 30-9999 | Configure a value for the syslog to be retained in the system |
| 66 | System License Expiry Alert Before (Days) | 5 | 1-99 | Configure a value to set limit for system license expiry alert |
| 67 | TriggerInterval AppService - AccountDiscovery (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for AccountDiscovery service |
| 68 | TriggerInterval AppService - AccountManagement (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for AccountManagement service |
| 69 | TriggerInterval AppService - AccountsLifecycle (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for AccountsLifecycle service |
| 70 | TriggerInterval AppService - AssetADSync (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for AssetADSync service |
| 71 | TriggerInterval AppService - AssetDiscovery (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for AssetDiscovery service |
| 72 | TriggerInterval AppService - AssetStatus (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for AssetStatus service |
| 73 | TriggerInterval AppService - EPMManagement (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for EPMManagement service |
| 74 | TriggerInterval AppService - Notification (Minutes) | 2 | 1-9999 | Configure a value to set trigger interval time for Notification service |
| 75 | TriggerInterval AppService - PasswordManagement (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for PasswordManagement service |
| 76 | TriggerInterval AppService - PasswordStatusMonitoring (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for PasswordStatusMonitoring service |
| 77 | TriggerInterval AppService - SatelliteVault (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for SatelliteVault service |
| 78 | TriggerInterval AppService - SessionManagement (Minutes) | 1 | 1-9999 | Configure a value to set trigger interval time for SessionManagement service |
| 79 | TriggerInterval AppService - SpectraWorkflow (Minutes) | 1 | 1-9999 | Configure a value to set trigger interval time for SpectraWorkflow service |
| 80 | TriggerInterval AppService - SystemCache (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for SystemCache service |
| 81 | TriggerInterval AppService - SystemCleanup (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for SystemCleanup service |
| 82 | TriggerInterval AppService - SystemBackup (Minutes) | 60 | 1-9999 | Configure a value to set trigger interval time for SystemBackup service |
| 83 | TriggerInterval AppService - SystemEvent (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for SystemEvent service |
| 84 | TriggerInterval AppService - SystemHighAvailability (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for SystemHighAvailability service |
| 85 | TriggerInterval AppService - SystemLogManagement (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for SystemLogManagement service |
| 86 | TriggerInterval AppService - SystemManagement (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for SystemManagement service |
| 87 | TriggerInterval AppService - SystemReporting (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for SystemReporting service |
| 88 | TriggerInterval AppService - UserManagement (Minutes) | 5 | 1-9999 | Configure a value to set trigger interval time for UserManagement service |
| 89 | TriggerInterval AppService - UserStatus (Minutes) | 300 | 1-9999 | Configure a value to set trigger interval time for UserStatus service |
| 90 | TriggerInterval AppService - WebAppHighAvailability (Minutes) | 1 | 1-9999 | Configure a value to set trigger interval time for WebAppHighAvailability service |
| 91 | Update last video and metadata in cache | 1 | 0-1 | Configure a value as 1 to update last video and metadata in cache |
| 92 | Use Secondary IP Of Asset | 0 | 0-1 | Configure the value as 1 to make Secondary IP field visible on Add Asset page |
| 93 | Use ProcessServer For AppService | 0 | 0-1 | Configure the value as 1 to make for not configurable app services to run in separate process on same server where core application runs |
| 94 | Use RDPD Proxy for Launcher Based RDP Session | 0 | 0-1 | Configure the value as 1 to bypass RDPD proxy from launcher based RDP session |
| 95 | User Logon Show SAML Option | 0 | 0-1 | Configure the value as 1 to make SAML option visible on User Login page |
| 96 | User Session Lockout (Minutes) | 20 | 0-9999 | Configure a value to set limit to lock user session |
| 97 | User Session Risk Scoring Calculation | 1 | 0-1 | Configure the value as 0 to hide Risk View and Risk Score from user sessions |
| 98 | Vault Client Communication Protocol Version | 1 | 1-2 | Configure a value to set communication protocol version for Sectona Launcher and web application |
| 99 | Vault Client Connection Timeout (In Seconds) | 100 | 1-100 | Configure a value to set the timeout for Vault Client Connection |
| 100 | Video Log Default Timer Interval (Milliseconds) | 1000 | 1-9999 | Configure a value to set time interval between two consecutive frames of video logs |
| 101 | Web Application Load Balancing (Between P1-P2) | 0 | 0-1 | Configure the value as 1 to activate load balancing |
| 102 | Web Session Timeout (Minutes) | 20 | 1-999 | Configure a value to set the timeout for Web Session |
Last modified by: This defines the last modification in the parameter values done by whom.
Last modified on: This defines the previous date and time the parameter values were modified.