====== Settings ====== ---- The Settings section within the Manager Options allows administrators to set specific organizational parameters. A selection of these is shown below. {{ manager_settings:Settings.png }} ===== General ===== ---- The General panel contains the **Temporary Folder** parameter fields. This specifies the location where temporary files will be stored. The default setting is: TEMP. {{ manager_settings:2.png }} ===== Pulse – Agent’s Interval Checkin to Server ===== ---- The Pulse is the heartbeat between the agents and the server. The Pulse Frequency shall be sized accordingly to the number of agents connected to the server. The Automatic mode is the preferred method as the system automatically sets the Pulse value based on the number of agents enrolled on the server.\\ Advanced users might want to set this value manually. For guidelines purposes, we provide recommended pulse delays based on the total number of devices connected to the server within the [[installation_guide:server_software_installation:scalability|Server Scalability and Sizing]] Section. {{ manager_settings:5.png }} ===== Activating logs ===== ---- In order to activate the logs, you need to enable the option. After, you can use the logs within [[advanced:logs#using_logs | Logs Viewer]] {{advanced:logs-2.png}} ===== Automatic Inventory settings ===== ---- By default, the agents provide their inventory data at each startup as specified in the [[commands_glossary:commands_to_multiple_devices#agent_configuration | Agent Configuration]] section. In order to avoid unnecessary traffic, Administrator can elect to set a limit to the number of inventory per device over a time. {{manager_settings:12.png}} Please note that Inventory can still be requested on demand by using the [[commands_glossary:commands_to_multiple_devices#inventory | Refresh Inventory]] command. ===== SSL Certificate ===== ---- {{ manager_settings:11.png }} **SSL Certificate** This tab is automatically populated with the SSL certificate(s) stored and used within IIS. The serial number can be found by going to the SSL Certificate area within IIS and double clicking on the certificate listing. The contextual menu has the following options * **Save As** //- download and store the certificate// * **Distribute to Agents** //- deploy the certificate to all clients// * **Activate certificate** //- once deployed, activates the certificate (replaces previous certificate)// |{{:warning.png |}}In order to prevent misuse, **Xcalibur W** will not activate a certificate that has not been **previously** distributed to **all** clients. This prevents clients that have not yet received the new certificate from being unable to communicate with **Xcalibur W** due to a certificate mismatch.| {{ ssl:ssl.png }} |{{:warning.png |}} At first use, there is **no active certificate** set up on the server. Therefore, it is **not possible to enroll** any devices onto **Xcalibur W**. Make sure you **select one SSL Certificate as Active** as shown in the above capture.| ===== Authentication ===== ---- This panel contains the settings that concern authentication systems used to administrator access to **Xcalibur W**. {{ manager_settings:3.png }} When you enter the IP address of the AD server into the Host field, all authentication is done toward the AD server. However, if the account name does not exist on the local database, the authentication is rejected - even though it may be correct in terms of password. When using Active Directory as the means of authentication, the best method is to tick the Auto Enable newly created account check box and ask **Xcalibur W** users to log in. Once they have successfully logged in, you can then un-tick this box. This adds the AD user name to the local database but does not store any password information. Instead, it is used as a reference to ensure the AD user is allowed to authenticate on **Xcalibur W**. By default, AD authentication is based on the existence of the account name on the AD. However, you might want to **restrict access to certain AD Groups**. To do so, use the **AD Group restriction** tick box and enter the group name(s) in the corresponding field. ===== VNC Proxy ===== ---- The VNC Proxy panel contains a number of settings that allow you to manipulate how the VNC system is used to shadow desktops for remote assistance. For more details of how reverse VNC proxy works, please see the appropriate section. {{ manager_settings:4.png }} **VNC Proxy Automatic Close** This setting is used to set the number of minutes the VNC proxy connection will be allowed to stay open once the VNC session has been closed. At the default setting of 0, the proxy connection is kept open indefinitely. **Range of Ports (HTLM5 Viewers)** Use this setting to customize the port range used by HTLM5 VNC viewers that will be launched by your browser when you initiate a reverse VNC session. The default values are Start=5900 and End=5919. **Range of Ports (Agent Connection)** Use these settings to determine what port range will be used when the WPDA connects to the **Xcalibur W** in order to set up the reverse VNC proxy connection. The default values are Start=5980 and End=5999.