10 Convergence Properties Reference
This chapter lists all the configuration parameters that are available in Oracle Communications Convergence. Each parameter is described with its name and a description of its purpose. Use the iwcadmin command-line utility to update the configuration properties for your deployment. See "Using the Convergence Administration Utility" for more information.
Global Convergence Configuration Properties
Whenever you make changes to the configuration files, you must stop and restart the client software because the configuration files are only read at startup. The client restart is required so that the changes you have made to take effect.
When you configure Convergence using the configuration utility, most of the parameters are assigned default values. You can change the default values depending on the changing business needs for your site. You can use the iwcadmin command to get the values that are assigned to any of the parameters.
iwcadmin -o parameter_name
In the following configuration properties tables, the command-line option name found in the left column is the parameter you use after -o option in the iwcadmin command. The property name shown in the right column is how the property is represented in the configuration file. Do not use the property name from the right column for the -o option. In addition, the right column is a definition for the option, containing the following details: the name of the property found in the configuration file, the data type for the expected value, the default value if any, whether or not this property is mandatory for proper configuration, and whether or not this property was set by the initial configuration program.
Unless specified, these parameters have a PUBLIC access type. Any RESTRICTED access types are for properties that perform special bulk updates. Use properties with RESTRICTED access types cautiously.
The following tables list the Convergence Server global configuration properties:
-
Table 10-1 Deployment-Level Global Configuration Properties
-
Table 10-2 LDAP User and Group Configuration Properties
-
Table 10-3 Authentication Configuration Properties
-
Table 10-4 Mail Service Configuration Properties
-
Table 10-5 Logging Configuration Properties
-
Table 10-6 Calendar Service Configuration Properties for Calendar Server 7 and Calendar Server 8
-
Table 10-7 Address Book Service Configuration Properties for Contacts Server
-
Table 10-8 Address Book Service Configuration Properties for Convergence WABP
-
Table 10-9 Deployment or Domain Specific Configuration Properties
-
Table 10-10 Administration Service Configuration Properties
-
Table 10-11 Single Sign-On Configuration Properties
-
Table 10-12 User Preferences Configuration Properties
-
Table 10-13 Event Notification System Configuration Properties
-
Table 10-14 Address Book Service JMQ Notification Configuration Properties
-
Table 10-15 Outside In Proxy Configuration Properties
Table 10-1 Deployment-Level Global Configuration Properties
| Option Name | Description |
|---|---|
|
base.defaultdomain |
Default domain to use for user resolution
|
|
base.loginseparator |
Character to be used as login separator (between user ID and domain). It should match any one of the character defined in service.loginseparator of mail and calendar back end service
|
|
base.defaultlocale |
Default locale to be used
|
|
base.passivatesession |
Enabling this option will allow web container to passivate all active sessions else all active session will be terminated upon session activation event. While typically run in a cluster, this parameter can also be enabled in a non-cluster environment.
|
|
base.enablehosteddomain |
Whether hosted domains is enabled
|
|
base.port |
Port number at which the application listens
|
|
base.sslport |
SSL Port number at which the application listens
|
|
base.enableauthonlyssl |
SSL can be used only for authentication and the subsequent access via non-ssl
|
|
base.ipaccessurl |
The access URL for this application. The URL must use IP address instead of host name.
|
|
base.ipsecurity.enable |
IP address along with the token is used for authorization if set to true
|
|
base.ignoreurldomain |
Prevents the use of the URL domain.
|
|
base.authcookiepath |
Cookie path for authorization cookie.
|
|
base.enablealwaysssl |
Whether calls to HTTP protocol are redirected to HTTPS protocol.
|
|
base.hstsmaxage |
The number of seconds, after receiving a request with STS header, that the host is considered as a Known HSTS Host. A value of 0 indicates that HSTS is not enforced.
|
|
base.defaulthost |
Default host name configured to redirect, in case, the requested host in the URL is invalid. The URL specifies the location where the Convergence is deployed on an Application Server. (example: http://localhost:8080/)
|
|
base.whitelistedhosts |
Comma-separated list of allowed hosted domains
|
|
base.googlemapapikey |
The Google map API key is used to access the Google maps
service in the Convergence address book. The Google map API key is
restricted to Javascript API, Geocoding API, and Directions API. See
the Google Maps Platform documentation for more information:
|
|
base.enableforgotpassword |
By setting this property to true, user will be allowed to reset the forgot password.
|
|
base.sessiontimeout |
Enables session timeout for reset password in
seconds.
|
|
base.sms.enable |
Enables resetting password using multifactor
authentication using SMS.
|
|
base.sms.channel |
Messaging server SMS channel name.
|
|
base.sms.defaultLDAPAttribute |
Default LDAP Attribute to be used to send SMS.
|
|
base.sms.timeout |
Enables specifying OTP expiry time in seconds.
|
|
base.mail.enable |
Enables resetting password using multifactor
authentication using Email.
|
|
base.mail.timeout |
Enables specifying OTP expiry time in seconds.
|
|
base.enablemultifactauth |
By setting this property to true, multi factor authentication will be
enabled for the user during login.One of the authentication
mechanism like mobile authentication needs to be enabled.Multi
factor authentication is enabled for all domains listed under
ActivatedDomains list.
|
|
base.oma.enable |
Enables multifactor authentication using mobile authenticator.
|
|
base.oma.issuer |
Issuer of time based one time password. If not set, the domain name
is considered as the issuer.
|
|
base.oma.timeout |
Specifies OTP expiry time in seconds.
|
Table 10-2 LDAP User and Group Configuration Properties
| Option Name | Description |
|---|---|
|
ugldap.schemaversion |
Schema level used by the deployment
|
|
ugldap.dcroot |
Domain component root suffix
|
|
ugldap.basedn |
Base DN to start the user search from
|
|
ugldap.ugfilter |
User/group filter to apply while user lookup
|
|
ugldap.domainfilter |
Domain filter to apply while domain lookup
|
|
ugldap.srchopattrs |
Comma-separated list of retrievable LDAP operational attributes
|
|
ugldap.host |
Host name of the LDAP service
|
|
ugldap.port |
Port number at which LDAP service listens
|
|
ugldap.enablessl |
Whether LDAP is SSL enabled
|
|
ugldap.enabledsslprotocols |
A list of the SSL protocols that will be used to decide which protocol to use while connecting to LDAP server over SSL connection. The first in the list will be considered first and so forth. If none of the listed protocol is supported by the back end server the connection to back end server will be rejected.
|
|
ugldap.minpool |
Minimum number of connections in LDAP Pool
|
|
ugldap.maxpool |
Maximum number of connections in LDAP Pool
|
|
ugldap.timeout |
LDAP operation time out in seconds
|
|
ugldap.refreshinterval |
Time interval (in minutes) after which, connections in LDAP pool will be re-created. 0 means no refresh is required
|
|
ugldap.monitoringinterval |
Monitoring interval (in seconds) for LDAP pool, when the LDAP server is down
|
|
ugldap.binddn |
The admin DN used for creating LDAP connection pool
|
|
ugldap.bindpwd |
The admin DN password
|
Table 10-3 Authentication Configuration Properties
| Option Name | Description |
|---|---|
|
auth.cert.enable |
Enables and disables X509 Certificate-based authentication.
|
|
auth.cert.enablefallback |
Enables and disables fallback to form-based login. This option should be set in conjunction with auth.cert.enable.
|
|
auth.ldap.enable |
This creates default configuration parameters required to enable LDAP authentication mechanism. Specific parameters can further be modified/created using parameter-specific CLI option.
|
|
auth.ldap.loginimpl |
An implementation of LoginModule interface (JAAS technology in Java). This property refers to a pluggable custom authentication module
|
|
auth.ldap.callbackhandler |
An implementation of HttpCallbackHandler class, which extends CallBackHandler (JAAS technology in Java). This property refers to a pluggable custom authentication module
|
|
auth.ldap.enableproxyauth |
Use this option to enable Proxy Authentication of the user.
|
|
auth.ldap.schemaversion |
The value of this should be same as ugldap.
|
|
auth.ldap.dcroot |
The value of this should be same as ugldap.dcroot
|
|
auth.ldap.basedn |
The value of this should be same as ugldap.basedn
|
|
auth.ldap.ugfilter |
The value of this should be same as ugldap.ugfilter
|
|
auth.ldap.domainfilter |
The value of this should be same as ugldap.domainfilter
|
|
auth.ldap.host |
Host name of the auth LDAP service
|
|
auth.ldap.port |
Port number at which auth LDAP service listens
|
|
auth.ldap.enablessl |
Whether auth LDAP is SSL enabled
|
|
auth.ldap.enabledsslprotocols |
A list of SSL protocols that will be used to decide which protocol to use while connecting to LDAP server over SSL connection. The first in the list will be considered first and so forth. If none of the listed protocol is supported by back end server the connection to back end server will be rejected.
|
|
auth.ldap.minpool |
Minimum number of connections in LDAP Pool
|
|
auth.ldap.maxpool |
Maximum number of connections in LDAP Pool
|
|
auth.ldap.timeout |
LDAP operation time out in seconds
|
|
auth.ldap.refreshinterval |
Time interval (in minutes) after which, connections in LDAP pool will be re-created. 0 means no refresh is required
|
|
auth.ldap.monitoringinterval |
Monitoring interval (in seconds) for LDAP pool, when the LDAP server is down
|
|
auth.ldap.binddn |
The admin DN used for creating LDAP connection pool
|
|
auth.ldap.bindpwd |
The admin DN password
|
|
auth.custom.servicename |
Name of service for custom authentication module
|
|
auth.custom.loginimpl |
An implementation of LoginModule interface (JAAS technology in Java). This property refers to a pluggable custom authentication module
|
|
auth.custom.callbackhandler |
An implementation of HttpCallbackHandler class, which extends CallBackHandler (JAAS technology in Java). This property refers to a pluggable custom authentication module
|
|
auth.misc |
Placeholder for custom auth provider configuration
|
|
auth.adminuserlogin.enable |
Whether proxy admins are allowed to login through web client
|
Table 10-4 Mail Service Configuration Properties
| Option Name | Description |
|---|---|
|
mail.enable |
Whether mail service is enabled or not
|
|
mail.host |
Host name of the back-end mail service
|
|
mail.port |
Port number at which back-end mail service listens
|
|
mail.enablessl |
Whether mail service is SSL enabled
|
|
mail.enabledsslprotocols |
A list of the SSL protocols that will be used to decide which protocol to use while connecting to Messaging Server over SSL connection. The first in the list will be considered first and so forth. If none of the listed protocol is supported by the back end server the connection to back end server will be rejected.
|
|
mail.requesttimeout |
Time out value in seconds to use if Mail server does not respond within this time. Zero means never time out
|
|
mail.cookiename |
Cookie name used by mail service as session identifier
|
|
mail.proxyadminid |
Back-end mail service's proxy admin UID. Used for proxy-auth to mail service. This should be of form: uid@domain if hosted domains setup is used
|
|
mail.proxyadminpwd |
Back-end mail service's proxy admin password. Used for proxy-auth to mail service
|
|
mail.uwcsievecompatible |
Specifies whether the sieve should be compatible with Communications Express
|
|
mail.uidreplayformat |
The replayformat option takes an argument of string that says how to construct the user ID for replay to the back end server.
|
|
mail.spam.folder |
Spam folder used to move messages marked as spam by the user
|
|
mail.spam.enableaction |
Specifies whether Spam Action (ability to mark/unmark messages as spam) should be enabled
|
|
mail.pop.refreshinterval |
Time interval (in sec) for the client to check the external mail server for new messages
|
|
mail.pop.requesttimeout |
Time interval (in sec) to wait for the response for POP requests. Zero means never timeout.
|
|
mail.enablemsgpreview |
Turns on/off the mail preview pane
|
|
mail.maxpool |
Maximum number of connections per route in a pool; this setting can be used when setting up a connection manager.
|
|
mail.pooltimeout |
Maximum amount of time (in sec) to wait while retrieving a connection from the pool; this setting can be used when setting up a connection manager.
|
|
mail.externalaccount.enable |
Whether to enable external account or not.
|
|
mail.restrictanyone |
Mirror option of store.privatesharedfolders.restrictanyone on Oracle Communications Messaging Server
|
|
mail.htmlsanitizer.enable |
Whether HTML sanitizer is enabled or not.
|
|
mail.htmlsanitizer.additionalwhitelist |
Comma separated list of HTML elements and attributes which should be allowed in mail content. Convergence already has an internal whitelist which cannot be changed. This additional whitelist is in addition to the internal whitelist. If an attribute is specified without an associated element, then that attribute will not be allowed for all elements.
Examples:
|
|
mail.htmlsanitizer.additionalblacklist |
Comma separated list of HTML elements and attributes which should be disallowed in mail content. Convergence already has an internal blacklist which cannot be changed. This additional blacklist is in addition to the internal blacklist. If an attribute is specified without an associated element, then that attribute will not be allowed on any element.
Examples:
|
|
mail.htmlsanitizer.additionalcsswhitelist |
Comma separated list of CSS properties for inline style, which should be allowed in mail content. Convergence already has a default CSS property list, only few additional CSS properties can be added to the whitelist. If an additional CSS property is not supported by HTML sanitizer, an exception will be thrown.
|
|
mail.htmlsanitizer.allowurlsinstyle |
Whether to allow URLs in inline styles or not. Enabling this option is vulnerable to XSS. This option can be set if the URLs referenced in mail content is from trusted source and is secure.
Example: <span style="background-image: url(http://example.com/image.png)"></span> |
|
mail.htmlsanitizer.sanitizesignature |
Whether to enable HTML sanitization for email signature.
|
Table 10-5 Logging Configuration Properties
| Option Name | Description |
|---|---|
|
log.enableusertrace |
Specifies whether user IP address and session ID should be included in the logs. Log pattern must include %X{ipaddress} and %X{sessionid}.
|
|
log.locationtype |
Definition for specifying Log Location Type. Currently supported location type: FILE, CONSOLE (aka STDOUT).
|
|
log.location |
The Location value is the location of Log file (and hence is applicable only for FILE type)
|
|
log.adminloglocationtype |
Log location type for admin log file
|
|
log.adminloglocation |
The location of admin log file (and hence is applicable only for FILE type)
|
|
log.sizetriggerval |
Set the maximum size in KB, that the log file is allowed to reach before being rolled over to backup files
|
|
log.timetriggerval |
The rolling schedule is specified by this pattern. Set the Date pattern at which the log file will be rolled over to backup files
|
|
log.maxbackupindex |
This option determines how many backup files are kept before the oldest is erased. This option takes a positive integer. If set to zero, there will be no backup files and the log file will be truncated when it reaches the size trigger value. The max backup index option is considered only if size trigger is set and is ignored for time trigger.
|
|
log.pattern |
The log record pattern used by the loggers
|
|
log.DEFAULT.level |
Level of Logging
|
|
log.CONFIG.level |
Level of Logging for Config module
|
|
log.AUTH.level |
Level of Logging for Auth module
|
|
log.PROXY_MAIL.level |
Level of Logging for Proxy Mail module
|
|
log.ADDRESS_BOOK.level |
Level of Logging for Address Book module
|
|
log.PROXY_CAL.level |
Level of Logging for Proxy Cal module
|
|
log.PROXY_NAB.level |
Level of Logging for Contacts Server proxy module
|
|
log.PROTOCOL.level |
Level of Logging for Protocol module
|
|
log.SIEVE.level |
Level of Logging for Sieve module
|
|
log.NOTIFY.level |
Level of logging for notification module
|
|
log.ADMIN.level |
Level of Logging for Admin module
|
|
log.ENS.level |
Level of logging for ENS module
|
|
log.PROXY_OIN.level |
Level of Logging for Proxy OIN module
|
|
log.ADDRESS_BOOK.appendername |
Appender name for ADDRESS_BOOK component
|
|
log.ADMIN.appendername |
Appender name for ADMIN component
|
|
log.AUTH.appendername |
Appender name for ADMIN component
|
|
log.CONFIG.appendername |
Appender name for CONFIG component
|
|
log.DEFAULT.appendername |
Appender name for DEFAULT component
|
|
log.ENS.appendername |
Appender name for ENS component
|
|
log.NOTIFY.appendername |
Appender name for NOTIFY component
|
|
log.PROTOCOL.appendername |
Appender name for PROTOCOL component
|
|
log.PROXY_CAL.appendername |
Appender name for PROXY CAL component
|
|
log.PROXY_CONF.appendername |
Appender name for PROXY CONF component
|
|
log.PROXY_MAIL.appendername |
Appender name for PROXY MAIL component
|
|
log.PROXY_NAB.appendername |
Appender name for PROXY NAB component
|
|
log.PROXY_OIN.appendername |
Appender name for PROXY OIN component
|
|
log.SIEVE.appendername |
Appender name for SIEVE component
|
|
log.appender.[appender_name].type where appender_name is the name of appender. |
Definition for specifying Log Location Type. Currently supported location type: FILE, CONSOLE (aka STDOUT).
|
|
log.appender.[appender_name].maxbackupindex where appender_name is the name of appender. |
This option determines how many backup files are kept before the oldest is erased. This option takes a positive integer. If set to zero, there will be no backup files and the log file will be truncated when it reaches the size trigger value. The max backup index option is considered only if size trigger is set and is ignored for time trigger.
|
|
log.appender.[appender_name].sizetriggerval where appender_name is the name of appender. |
Set the maximum size in KB, that the log file is allowed to reach before being rolled over to backup files.
|
|
log.appender.[appender_name].pattern where appender_name is the name of appender. |
The log record pattern used by the loggers.
|
Table 10-6 Calendar Service Configuration Properties for Calendar Server 7 and Calendar Server 8
| Option Name | Description |
|---|---|
|
caldav.enable |
Whether CalDAV Calendar service is enabled or not
|
|
caldav.host |
Host name of the back end CalDAV service
|
|
caldav.port |
Port number at which back end CalDAV service listens
|
|
caldav.enablessl |
Whether SSL should be used against back end CalDAV service
|
|
caldav.enabledsslprotocols |
A list of the SSL protocols that will be used to decide which protocol to use while connecting to CalDAV Server over SSL connection. The first in the list will be considered first and so forth. If none of the listed protocol is supported by the back end server the connection to back end server will be rejected.
|
|
caldav.requesttimeout |
Time out value in seconds to use if CalDAV server does not respond within this time. Zero means never time out
|
|
caldav.serviceuri |
Context URI at which the WCAP interface in CalDAV service is accessible
|
|
caldav.proxyadminid |
Back end CalDAV service's proxy admin UID. Used for proxy-auth to cal service. This should be of form: uid@domain if hosted domains setup is used
|
|
caldav.proxyadminpwd |
Back end CalDAV service's proxy admin password. Used for proxy-auth to calendar service
|
|
caldav.davuserattr |
Attribute name in the user's LDAP entry indicating the user is a CalDAV user in a co-existence deployment
|
|
caldav.groupobjectclass |
Object class names of groups to be filtered while searching for Corp-Dir groups. The filter matches with any one of the configured object class names to retrieve the results
|
|
caldav.autoprovision |
Whether CalDAV auto-provision in the back end CalDAV Server is enabled or not.
|
|
caldav.davuserobjectclass |
Name of the LDAP object class which should be present for valid CalDAV users if auto-provisioning is disabled
|
|
caldav.uidreplayformat |
The replayformat option takes an argument of string that says how to construct the user ID for replay to the back end server.
|
|
caldav.wcapversion |
WCAP Version of the CalDAV Service
|
|
caldav.maxpool |
Maximum number of connections per route in a pool; this setting can be used when setting up a connection manager.
|
|
caldav.pooltimeout |
Defines the time out (seconds) used when retrieving a connection from the pool.
|
Table 10-7 Address Book Service Configuration Properties for Contacts Server
| Option Name | Description |
|---|---|
|
nab.enable |
Whether the address book service provided by Contacts Server is enabled
|
|
nab.host |
Host name of the back-end address book service provided by Contacts Server
|
|
nab.port |
Port number at which back-end address book service provided by Contacts Server service listens
|
|
nab.enablessl |
Whether SSL is enabled to Contacts Server
|
|
nab.enabledsslprotocols |
A list of the SSL protocols that will be used to decide which protocol to use while connecting to NAB Server over SSL connection. The first in the list will be considered first and so forth. If none of the listed protocol is supported by the back end server the connection to back end server will be rejected.
|
|
nab.requesttimeout |
Time out value in seconds to use if address book service provided by Contacts Server does not respond within this time. Zero means never time out
|
|
nab.proxyadminid |
Contacts Server proxy admin UID. Used for proxy-auth to address book service. This should be of form: uid@domain if hosted domains setup is used
|
|
nab.proxyadminpwd |
Contacts Server proxy admin password. Used for proxy-auth to address book service
|
|
nab.nabuserattr |
Attribute name in the user's LDAP entry indicating whether the address book service is provided by Contacts Server or Convergence in a co-existence deployment
|
|
nab.uidreplayformat |
The replayformat option takes an argument of string that says how to construct the user ID for replay to the back end server.
|
|
nab.maxpool |
Maximum number of connections per-route
|
|
nab.pooltimeout |
Defines the time out (seconds) used when retrieving a connection from the pool.
|
|
nab.serviceuri |
Context URI at which the address book service provided by Contacts Server is accessible
|
Table 10-8 Address Book Service Configuration Properties for Convergence WABP
| Option Name | Description |
|---|---|
|
ab.enable |
Enable or disable WABP service
|
|
ab.purgetype |
Enables WABP purge, which permanently deletes entries marked for deletion. If ab.purgetype is auto then purging happens automatically upon login. If ab.purgetype is manual then purging can be done by invoking the purge_entries.wabp command.
|
|
ab.expireperiod |
WABP Purge, period (in days) after which the entries get deleted permanently. This is applicable only when enableautopurge is set to true
|
|
ab.purgeinterval |
When ab.purgetype is set to auto, this parameter specifies the interval (in days) between purges of the database.
|
|
ab.maxpostlength |
Defines the maximum content-length of a POST command. -1 means no limit.
|
|
ab.mycontacttag |
Tag name for my contact
|
|
ab.myfavoritestag |
Tag name for my favorites
|
|
ab.maxphotosize |
Maximum allowed photo size in bytes
|
|
ab.maxphotowidth |
Limit on dimension (width in pixels) of images being served
|
|
ab.maxphotoheight |
Limit on dimension (height in pixels) of images being served
|
|
ab.exportphoto |
If this is enabled it exports contacts with photo data in vCard 3.0 format
|
|
ab.importphoto |
If this is enabled it imports contacts with photo data in vCard 3.0 format
|
|
ab.import.vcard.misc |
Specify encoding to be used during import corresponding to each locale
|
|
ab.export.vcard.misc |
Specify encoding to be used during export corresponding to each locale
|
|
ab.maxpagedsearch |
Max number of simultaneous paged search for an instance of PersonalStore
|
|
ab.retries |
Number of retries to fetch default address book when a new user logs in
|
|
ab.psrootpattern |
Defines a default psRoot pattern for users that do not have the psRoot attribute. %U = uid of the user ("jsmith"), %D = domain of the user ("somedomain.com"), %O = most significant part of the domain ("somedomain")
|
|
ab.ldapdelay |
Amount of delay in number of milliseconds to be introduced to compensate delays due to LDAP updates
|
|
ab.storecachecount |
Enable cache entry count
|
|
ab.storeentrieslimit |
Total number of entries allowed in the user's address book.
|
|
ab.storequotawarn |
Indicate whether quota warning can be issued or not. A positive integer greater than zero indicates a warning else no warning.
|
|
ab.useuserpsroot |
Whether the per User psRoot should be used or not
|
|
ab.pstore.[identifier].ldappoolmin |
Minimum connections to the LDAP server
|
|
ab.pstore.[identifier].ldappoolmax |
Maximum connections to the LDAP server
|
|
ab.pstore.[identifier].ldappooltimeout |
Max time (in seconds) to wait for a connection to be freed up
|
|
ab.pstore.[identifier].ldappoolrefreshinterval |
Time interval (in minutes) after which, connections in LDAP pool will be re-created. 0 means no refresh is required
|
|
ab.pstore.[identifier].ldappoolmonitoringinterval |
Monitoring interval in seconds for LDAP pool, when the LDAP server is down
|
|
ab.pstore.[identifier].ldaphost |
Host name of the LDAP service
|
|
ab.pstore.[identifier].ldapport |
Port number at which LDAP service listens
|
|
ab.pstore.[identifier].ldapbinddn |
The admin DN used for creating LDAP connection pool. This pool will be used for PStore lookup
|
|
ab.pstore.[identifier].ldapbindcred |
The admin DN's password, used for creating LDAP connection pool. This pool will be used for PStore lookup.
|
|
ab.pstore.[identifier].enableldapssl |
Enable LDAP SSL
|
|
ab.pstore.urlmatch |
Specifies the type of URL this instance of the plug-in is responsible for. This value should be unique and is case sensitive.
|
|
ab.pstore.randompaging |
Specifies if the plug-in support access to any page, or if each page must be accessed starting at page 1. If false, the coresrv will loop until it gets to the right page.
|
|
ab.pstore.logintype |
This can be: anon (anonymous), restricted (login as user who has rights to view/write DB), or proxy (login as user that can 'masquerade')
|
|
ab.pstore.defaultserver |
Default server (identifier) used for construction psRoot
|
|
ab.pstore.displayname |
Display Name for Personal book
|
|
ab.pstore.description |
Description for Personal book
|
|
ab.pstore.getalldbattr |
This defines if all the database attributes should be passed in the LDAP search true or false.
|
|
ab.pstore.lookthrulimit |
This is the max number of entries to read in any one search. Should be set to max in directory or largest AB possible.
|
|
ab.pstore.deleteperm |
Mark the contact/group as deleted instead of permanently deleting it by setting following parameter as false
|
|
ab.pstore.allowdupentry |
Parameter which, if set to true, allows personal address book entries/groups to have the same name
|
|
ab.pstore.admingroupdn |
DN of admin group. If a user belong to this group then he is eligible to purge all user's contacts which are marked for deletion
|
|
ab.pstore.collationrule |
Locale on whose basis collation rule should be applied for Personal Address Book
|
|
ab.pstore.collationsearchfield |
Search Fields for which collation rule should be applied. The fields provided here should be disambiguator formatted fields. For example, entry/displayname, person/givenname, and so on.
|
|
ab.corpdir.[identifier].ldappoolmin |
Minimum connections to the LDAP server
|
|
ab.corpdir.[identifier].ldappoolmax |
Maximum connections to the LDAP server
|
|
ab.corpdir.[identifier].ldappooltimeout |
Max time (in seconds) to wait for a connection to be freed up
|
|
ab.corpdir.[identifier].ldappoolrefreshinterval |
Time interval (in minutes) after which, connections in LDAP pool will be re-created. 0 means no refresh is required
|
|
ab.corpdir.[identifier].ldappoolmonitoringinterval |
Monitoring interval (in seconds) for LDAP pool, when the LDAP server is down
|
|
ab.corpdir.[identifier].ldaphost |
Host name of the LDAP service
|
|
ab.corpdir.[identifier].ldapport |
Port number at which LDAP service listens
|
|
ab.corpdir.[identifier].ldapbinddn |
The admin DN used for creating LDAP connection pool. This pool will be used for corpdir lookup
|
|
ab.corpdir.[identifier].ldapbindcred |
The admin DN password, used for creating LDAP connection pool. This pool will be used for corpdir lookup.
|
|
ab.corpdir.[identifier].enableldapssl |
Enable LDAP SSL
|
|
ab.corpdir.[identifier].enable |
Whether corporate directory is enabled or not
|
|
ab.corpdir.[identifier].urlmatch |
Specifies the type of URL this instance of the plug-in is responsible for. This value should be unique and is case sensitive.
|
|
ab.corpdir.[identifier].wildcardsearch |
Specifies the minimum number of characters that need to be provided in a wildcard search. For example, 0 - entry/displayname=*, 1 - entry/displayname=a*
|
|
ab.corpdir.[identifier].randompaging |
Specifies if the plug-in support access to any page, or if each page must be accessed starting at page 1 If false, the coresrv will loop until it gets to the right page.
|
|
ab.corpdir.[identifier].vlvpaging |
Use VLV if DB has a VLV set for the default search type
|
|
ab.corpdir.[identifier].logintype |
This can be: anon (anonymous), restricted (login as user who has rights to view/write DB), or proxy (login as user that can 'masquerade')
|
|
ab.corpdir.[identifier].searchfilter |
Search filter for corporate directory searches. Syntax: (&(&([filter])(|(objectClass=GROUPOFUNIQUENAMES)(objectClass=GROUPOFURLS)(objectClass=ICSCALENDARRESOURCE)(objectClass=INETORGPERSON)))(objectClass=*))), Where [filter] will be replaced with search criteria. Ex: If search criteria is cn=* then [filter] will be replaced with cn=*
|
|
ab.corpdir.[identifier].vlvfilter |
VLV Search filter for corporate directory searches.
|
|
ab.corpdir.[identifier].vlvsearchbase |
VLV search base dn from where the corporate directory vlv searches are performed.
|
|
ab.corpdir.[identifier].vlvsortby |
VLV sort by fields for performing corporate directory searches. Multiple fields must be comma separated. For example, entry/displayname,person/surname.
|
|
ab.corpdir.[identifier].vlvscope |
VLV Search scope used for corporate directory searches.
|
|
ab.corpdir.[identifier].defaultserver |
Default server (identifier) used for construction psRoot
|
|
ab.corpdir.[identifier].displayname |
Display Name for corp dir
|
|
ab.corpdir.[identifier].description |
Description for corporate directory
|
|
ab.corpdir.[identifier].searchattr |
This defines the attributes to be used while obtaining an entry from DB. Provide the attributes as comma-separated. For example: entry/displayname,@uid. This is required especially for contacts and groups which can have different RDN's to identify them.
Convergence can be configured to search corporate directory on required fields. For example, when the search string is "someone" and if you want to search this string only in the uid, set ab.corpdir.[identifier].searchattr to @uid. Contact is represented by XML element <abperson uid="db:uid"> .....</abperson>. The @ symbol is used to represent the attribute in the XML element. For example, the mapping could be something like the following:
|
|
ab.corpdir.[identifier].groupoc |
Comma separated list of object classes to identify group entries.
|
|
ab.corpdir.[identifier].resourceoc |
Comma separated list of object classes to identify resource entries.
|
|
ab.corpdir.[identifier].getalldbattr |
This defines if all the database attributes should be passed in the LDAP search. Valid values are true or false.
|
|
ab.corpdir.[identifier].lookthrulimit |
This is the max number of entries to read in any one search. Should be set to max in directory or largest AB possible.
|
|
ab.corpdir.[identifier].collationrule |
Locale on whose basis collation rule should be applied for Corporate Directory
|
|
ab.corpdir.[identifier].collationsearchfield |
Search Fields for which collation rule should be applied. The fields provided here should be disambiguator formatted fields. For example, entry/displayname, person/givenname etc.
|
Table 10-9 Deployment or Domain Specific Configuration Properties
| Option Name | Description |
|---|---|
|
client.updateunreadcount |
Whether to update unread count for all folders when 'Get Mail' is clicked. Default is false.
|
|
client.mailcheckinterval |
Time interval (in sec) for the client to check the mail server for new messages
|
|
client.mailautosaveinterval |
Time interval (in sec) to auto-save partially composed emails as a draft. This option is to prevent inadvertent loss of a partially composed message
|
|
client.corpabentriesperpage |
Default number of entries per page used for corporate directory search.
|
|
client.dictlocale |
Default dictionary used by the site for spell check
|
|
client.helpurl |
Configure help URL for the application. For example help link out side application context: http://example.com/en/industries/communications To facilitate locale specific help URL, follow the below pattern. Please check the external help with locale specific support before configuring the help. For example: http://example.com/${locale}/industries/communications/ OR http://example.com/industries/communications?locale=${locale} ${locale} will be replaced with user preferred locale.
|
|
client.antispamurl |
Site specified service endpoint, which can permit each site to train their anti-spam service to recognize the message as spam in the future
|
|
client.autologouttime |
Time out period (in min) to auto log off users (by client) after a predefined period of inactivity
|
|
client.smarttznames |
Site wide defined set of time zones
|
|
client.enablecustomization |
Turn on or off customization service
|
|
client.enablertfcompose |
Turn on/off RTF editing for entire deployment. If it set to false then user's preference to enable or disable RTF editing will be ignored by convergence client. The default value is true.
|
|
client.screennameeditable |
Turn on/off editing user's display name through mail's local identity option.
|
|
client.uploadfilemethod |
Enables or disables attachment progress indicator in HTML5 web browsers. Use [iframe | html5] method for uploading attachment file, the specified method also determines whether a progress bar can be shown. If 'iframe' method is chosen, no progress bar is shown. If 'html5' method is chosen, a progress bar is shown for HTML 5 browsers. However, non HTML 5 browsers, e.g IE 8 or 9 will revert back to iframe method
|
|
client.enablecorpabautocomplete |
Turn on/off Auto completion of addresses from Corporate Address Book.
|
|
client.enablesecondaryemail |
Enables or disables secondary email functionality.
|
|
client.enablemap |
Enables or disables map.
|
|
client.enabledtheme |
To enable all available themes use 'all', the default value is also all. To enable a subset of the supported themes provide the theme names in a comma separated list. Supported theme names are: [all | theme_blue | theme_orange | theme_dark_blue | theme_light_blue | theme_grey | theme_yellow | theme_green | theme_teal | theme_pink | theme_butterfly|theme_teal_ocean | theme_pink_hearts | theme_blue_cheery | theme_starry | Altair] The default user interface theme option should be one of the enabled themes.
|
|
client.enablecallusingskype |
Enables or disables call using skype.
|
|
client.hideglobaltimezoneselection |
Whether to show or hide timezone selection in global options.
|
|
client.allowbuddyfromhosteddomain |
Allows user to add from all the hosted domains. This option hides adding buddy from Personal Address Book and through Email Address when set to false.
|
|
client.misc |
This facilitates adding custom client preference. For example, misc.{custom-attribute}>
|
|
client.groupsearchuniqueid |
Group search unique id field facilitates adding client specific custom field for unique Id. Multiple fields must be comma separated. Ex: uid,cn
|
|
client.groupsearchuniqueentry |
Group search unique entry is XPath of group search unique id attributes. Ex: XPath for uid is entry/@entryID, cn is entry/displayname. Multiple fields must be comma separated. The order of the group search unique entry attribute should match exactly the order of group search unique id attributes.
|
|
client.mainpage |
Location of the static html main page
|
|
client.loginpage |
Location of the static html login page
|
|
client.anoncalviewpage |
Location of the static html Anonymous calendar view page
|
|
client.changepasswordpage |
The URL for changing the user's password after it expires
|
|
client.enablesmsnotification |
Hide or show the SMS option in the Notifications tab in Calendar Options and in the Reminder dialog box.
|
|
client.enableforcelogout |
Whether to enable force logout or not when the primary services like
mail and calendar are disabled.
|
|
client.enableAttachmentRestriction |
Enables or disables attachment of certain file types in emails.
|
|
client.restrictedExtensionTypes |
List of file extensions blocked as attachments in emails
|
Table 10-10 Administration Service Configuration Properties
| Option Name | Description |
|---|---|
|
admin.enablessl |
Whether SSL is enabled for admin service
|
|
admin.enabledsslprotocols |
A list of the SSL protocols that will be used to decide which protocol to use while connecting to admin service over SSL connection. The first in the list will be considered first and so forth. If none of the listed protocol is supported by the admin service the connection to admin service will be rejected.
|
|
admin.enablemonitoring |
Whether monitoring is enabled
|
|
admin.adminpwd |
Application's administrator password. This is used by the CLI/Monitoring mechanism to provide authorized access to application administration
|
|
admin.keystorepwd |
Keystore password for SSL enabled admin server
|
Table 10-11 Single-Sign-On Configuration Properties
| Option Name | Description |
|---|---|
|
sso.oam.enable |
This creates default configuration parameters required to enable OAM SSO mechanism. Specific parameters can further be modified/created using parameter-specific CLI option. This flag differs from sso.enable
|
|
sso.ms.enable |
This creates default configuration parameters required to enable MS SSO mechanism. Specific parameters can further be modified/created using parameter-specific CLI option. This flag differs from sso.enable
|
|
sso.servicename |
This specifies the enabled SSO service name
|
|
sso.enable |
This specifies whether SSO service is enabled or not
|
|
sso.enablesignoff |
Whether single sign off service is enabled or not
|
|
sso.ssoserviceimpl |
SSO implementation provider name
|
|
sso.notifyserviceimpl |
Notification service implementation
|
|
sso.enablerefreshsso |
Whether SSO token refresh is enabled or not
|
|
sso.refreshinterval |
After what percentage of convergence session time out interval, SSO token should be refreshed
|
|
sso.misc |
Placeholder for custom SSO provider configuration
|
|
sso.adminuid |
Admin userid for SSO provider
|
|
sso.adminpwd |
Admin password for SSO provider
|
|
sso.loginpage |
Location of the login page to which the user is redirected to.
|
Table 10-12 User Preferences Configuration Properties
| Option Name | Description |
|---|---|
|
user.common.defaultapp |
The default application to display to user upon login
|
|
user.common.theme |
Specifies the name of default user interface theme used
|
|
user.common.defaultmailhandler |
Specifies the default mail handler for all mail links
|
|
user.common.dateformat |
Specifies date display and input format
|
|
user.common.datedelimiter |
Delimiter is the character that separates date, month and year in the
date
|
|
user.common.timeformat |
Specifies the time display format
|
|
user.common.timezone |
Specifies the time zone used to normalize all time/date information
in the client
|
|
user.common.enablesmartTZ |
Allows the end user to enable or disable the smart Time zone feature
for the client
|
|
user.common.layoutPreference |
Allows the end user to choose their preferred layout type
(ecko/classic)
|
|
user.ab.name |
Specifies the name of address book
|
|
user.ab.description |
Specifies the description of address book
|
|
user.ab.entriesperpage |
Specifies the number of entries to be displayed per page
|
|
user.cal.defaultview |
Calendar view to be presented at log in
|
|
user.cal.defaultcategory |
Specifies the default category for a event or a task
|
|
user.cal.daystart |
Start time hour for displaying calendar information
|
|
user.cal.dayend |
End time hour for displaying calendar information
|
|
user.cal.weekfirstday |
First day of the week to be displayed on user's calendar
|
|
user.cal.weekenddays |
Specifies the weekend days
|
|
user.cal.reminderinterval |
Amount of time before the event that an alarm should be sent
|
|
user.cal.enablenotify |
Enables/disables email notifications being sent for the event
reminder
|
|
user.cal.enablesmsnotify |
Enables/disables sms notifications being sent for the event
reminder
|
|
user.cal.enableinvitenotify |
Enables/disables email notifications being sent when the calendar
receives an invitation
|
|
user.cal.eventfilter |
Specifies the type of events to be displayed
|
|
user.mail.deleteonlogout |
Specifies if mails marked as deleted has to be removed when user logs
out of application
|
|
user.mail.autospellcheck |
Specifies if auto spell check is enabled
|
|
user.mail.blockimages |
Specifies if images in the incoming mail should be shown or
blocked
|
|
user.mail.mailsperpage |
Specifies the number of mails to display per page
|
|
user.mail.sortorder |
Specifies the sorting order
|
|
user.mail.sortbycol |
Specifies which column to be used to sort the mails
|
|
user.mail.enablertfcompose |
Specifies if compose window should use RTF
|
|
user.mail.displaycol |
Specifies which columns to display in mail view
|
|
Allowed Pattern/Values: true or false |
Change my status to idle when I am inactive for this many minutes
|
Table 10-13 Event Notification System Configuration Properties
| Option Name | Description |
|---|---|
|
ens.service.enable |
Enable or disable event notification system
|
|
ens.[Service_Name].enable |
Enable or disable notification service associated with this service name
|
|
ens.[Service_Name].servicename |
The name used to identify this service in ENS. Setting this to blank deletes this service.
|
|
ens.[Service_Name].datasource |
The name used to identify data source for this service.
|
|
ens.[Service_Name].threadpoolsize |
The number of threads to be created to process incoming messages
|
Table 10-14 Address Book Service JMQ Notification Configuration Properties
| Option Name | Description |
|---|---|
|
notify.service.enable |
Enable or disable notification service
|
|
notify.service.mq.threadpoolsize |
The number of threads to be created in the publisher/subscriber service. This parameter is optional.
|
|
notify.mq.[%serviceName%].servicename |
The name used to identify this service. Setting this to blank deletes this service.
|
|
notify.mq.[%serviceName%].enable |
Enable or disable notification service associated with this service name
|
|
notify.mq.[%serviceName%].destinationtype |
The destination-type (Topic or Queue) of the destination associated with this service
|
Table 10-15 Outside In Proxy Configuration Properties
| Option Name | Description |
|---|---|
|
oin.enable |
Whether OIN service is enabled or not
|
|
oin.host |
Host name of the back-end OIN service
|
|
oin.port |
Port number at which back-end OIN service listens
|
|
oin.requesttimeout |
Time out value in seconds to use if OIN server does not respond within this time. Zero means never time out
|
|
oin.tsdirpath |
Directory path for the OIN Transformation Server. Default path is /export/tsdir. Administrator needs to ensure this directory is setup with proper permissions for Convergence and Transformation Server to access.
|
|
oin.autopruneinterval |
Time interval (in minutes) to delete the transformed files in the TsdirPath
|