Configuration of the TIBCO ActiveMatrix BPM Directory Engine
This table describes the properties listed in de.properties. Unless specified, the property value is set to the default value shown.
Property Name | Default Value | Description |
---|---|---|
IgnoreCaseOnLogin |
false | Specifies if the authentication service should allow users to ignore case when logging in. This emulates how a typical Windows login is performed. |
DisableAllPushDestinations |
true |
Disables the processing of Push Destinations throughout Directory Engine. Any attempt to read a push destination will result in no data being returned. Any attempt to modify or set a push destination will result in an error being reported |
DisablePushDestinationsForResources |
true |
Disables the processing of Push Destinations throughout Directory Engine but only for Resources. Other organisational entities remain unaffected. See DisableAllPushDestinations for further details of the behavior. |
SqlInClauseLimit |
900 | The maximum number of elements used within an SQL "in" clause. You may need to change this value if your database does not support such a large value. |
NamedEntityCacheSize |
50 | The size of the NamedEntity ID sequence cache. See the section about sequence caching in the TIBCO ActiveMatrix BPM Performance Tuning Guide for the general effect of the size of ID sequence caches on system performance. |
ResetModelCache |
false | Determines whether caches are reset for organization model deployments. Must be changed to ’true’ to clear the caches. If the setting is already ’true’ it will need to be changed to ’false’ and back to ’true’ again (after several seconds between each save) to ensure that the change is picked up and the clearance has been activated. |
UserPropertyCacheSize |
50 | The size of the UserProperty ID sequence cache. |
NameComparisonCase Insensitive |
false | Determines whether comparisons of entity names are to be case-sensitive in situations such as RQL evaluation. By default they are case-sensitive, so custID would be different from CustId. |
LdapIDCacheSize |
50 | The size of the cache for LDAP container sequence ID numbers. |
LdapCacheTimeout |
60000 | The timeout period for the LDAP attributes cache, in milliseconds. A value of 0, or a negative number, disables the cache. |
LdapCacheMaxAttributes |
500 | The maximum number of LDAP entries whose attributes to be cached. A value of 0, or a negative number, means that no maximum is applied. |
LdapSearchPageSize |
1000 | Specifies whether paging of LDAP search results is supported, and the page size to be used.
Paging is a LDAPv3 extension (RFC 2696). You can determine whether an LDAP server supports paged results by examining the supported controls of the LDAP Server. If those controls do not contain the pagedResultsControl (uid:1.2.840.113556.1.4.319), paged results are disabled for searches against that LDAP server. If the LDAP server you are using supports this extension, you can configure the page size by setting this property to a positive integer that specifies the maximum number of rows to be included in each page of the search results. This can avoid LDAP connection timeouts. If your LDAP server does not report that it supports paged results, paging is still disabled even if this property is positive. Setting this property to 0 or a negative value disables the use of paged results across all LDAP servers. |
LdapBinaryAttributes |
None | Holds a list of the LDAP attributes, separated by spaces, that are to be treated as binary data. These are in addition to the binary attributes already pre-defined in the Java environment property java.naming.ldap.attributes.binary. See Use of Binary Attributes . |
AdminLdapDn |
uid\admin, ou\=system | Optional.
The LDAP Distinguished Name (DN) for the default internal user tibco-admin. See Configuring the Admin User . |
OrgModelRestrictionsEnabled |
None | Enables, or disables, the organization access restrictions defined within LDAP Containers.
When disabled (the default) no restrictions will be placed on a user's access to organizations, or the entities within them. When enabled, users will only have access to those organizations associated with the LDAP Container to which they belong, and to those organizations not associated with any LDAP Container. |
ResourceQueryBatchSize50 |
50 |
The number of dynamic query entities updated in a single database transaction. Should be sufficiently large enough for performance but not too large that the database transaction limit is reached. |
ResourceQueryCacheSize |
50 |
The size of the cache for Resource Query ID sequence numbers. |
ResourceQueryCounterLimit |
5 |
Number of rows to spread reference counts across in the database. Should be at least the same as the number of nodes. |
ResourceQueryDeletionInterval |
600 |
The interval between re-evaluation of resource queries to identify those that are no longer referenced such that they may be removed from the system. Specified in seconds. |
ResourceQueryRetryLimit |
5 |
The number of attempts to save a resource query in the database before reporting failure. |
ResourceQueryRetryInterval |
500 |
The period to wait between retries if an attempt to save a resource query in the database fails. Specified in milliseconds. |
The following properties are related to candidate queries: | ||
AutoResourceGenEnable |
true |
Enables, or disables, the processing of resource candidate queries; to automatically populate positions and groups with resources, according to configured LDAP queries. In a multi-node environment, only one node is chosen (at random) to schedule and process the candidate query processing events. If that node is stopped, another node will be chosen to take over the scheduling and processing. |
AutoResourceDeleteEnabled |
false |
Enables, or disables, the automatic deletion of those resources deemed to be invalid. A resource is deemed to be invalid when the LDAP entry, from which it originates, can no longer be found. When this property is true, the processing of invalid resources is performed as part of the dynamic population of organization models. This property only applies when AutoResourceGenEnable is true. |
AutoResourceGenStart |
03:30 |
The time of day (expressed in the JVM's default time-zone) at which the first candidate query processing will be scheduled. The accepted format for this value is "hh:mm"; where "hh" is a value from 00 to 23, and "mm" if a value from "00" to "59". In a multi-node environment, only one node is chosen (at random) to schedule and process the candidate query processing events. If that node is stopped, another node will be chosen to take over the scheduling and processing. Subsequent processing events are scheduled according to the value of the property AutoResourceGenInterval. This property only applies when AutoResourceGenEnable is true. |
AutoResourceGenInterval |
P1D |
The delay between the start of one candidate query processing event and the next. This value should be great enough to ensure that two events do not overlap. If a processing event does not complete within the specified interval, events may be skipped. The value is expressed as an XML Schema Duration string. This property only applies when AutoResourceGenEnable is true. |
The following properties are related to extension points: | ||
ExtensionPointProcessEnable |
true |
Enables, or disables, extension point processing events. If disabled, no more events will be scheduled following the completion of any currently scheduled event. In a multi-node environment, only one node is chosen (at random) to schedule and process the extension point processing events. If that node is stopped, another node is chosen to take over the scheduling and processing. |
ExtensionPointDeleteEnabled |
true |
Enables, or disables, the automatic removal of the organization model entities dynamically generated from the processing of extension points. When this property is true, dynamically generated entities are removed when the LDAP entry/attribute from which they are derived is removed. This property only applies when ExtensionPointProcessEnable is true. |
ExtensionPointProcessStart |
03:00 |
The time of day (expressed in the JVM's default time-zone) at which the first extension point processing will be scheduled. The accepted format for this value is "hh:mm"; where "hh" is a value from 00 to 23, and "mm" if a value from "00" to "59". In a multi-node environment, only one node is chosen (at random) to schedule and process extension point processing events. If that node is stopped, another node is chosen to take over the scheduling and processing. Subsequent processing events are scheduled according to the value of the property ExtensionPointProcessInterval. This property only applies when ExtensionPointProcessEnable is true. |
ExtensionPointProcessInterval |
P1D |
The delay between the start of one extension point processing event and the next. This value should be great enough to ensure that two events do not overlap. If a processing event does not complete within the specified interval, events may be skipped. The value is expressed as an XML Schema Duration string. This property only applies when ExtensionPointProcessEnable is true. |
The following properties are not initially specified in the file: | ||
AdminLdapName |
tibco-admin | Optional.
The name of the internal user who is authorized to login until another user is configured. See Configuring the Admin User . |
AdminLdapAlias |
None. | Optional.
The name of your corporate LDAP server. See Configuring the Admin User . |
SecurityModelUpgraded |
None. | Optional.
This property is specified in the file only when a system has been upgraded. See Use of the n2-auth Login Application . |
The following parameters, present in earlier versions of the de.properties file, are no longer required: