5.2 Configurations Available in Settings Window.
In this section, we describe the configurations available in (Server) Settings window. It opens when you click on the settings button on the global menu.
5.2.1 Setting the Data Retention policy
netLD stores all configuration data unless specified. However, it causes the size of the database to increase in the long run. You can set an expiration period of the data to avoid this problem. The configuration is available in Data Retention menu.
In Delete expired data weekly at this time, you can configure which timing you want to remove the old data. The rest determines just as it says:
• Duration to keep configuration history
• Duration to keep terminal proxy history
• Duration to keep job execution history
5.2.2 System Backup
netLD data is stores in a PostgreSQL database in the pgsql directory directly under the installation directory. A netLD system backup will backup this data. You can also restore the database if required. We recommend scheduling a daily-automated System Backup
i. Perform system backup
The following settings can be changed in the system backup settings.
Menu Items | Description |
Enable daily system backup | Check to activate the backup schedule. |
Perform the system backup daily at this time | Specify the time to perform the system backup. |
Number of backup to keep | Specify the number of backups to keep. (1, 7, 14, 30) |
Perform System Backup Now | Performs a system backup. |
Last Successful system backup performed | Displays the time of the last backup. |
Restore System Backup | Restore system backup. |
The file name of the system backup is in “backup_YYYY-MM-DD.zip” format.
* YYYY-MM-DD indicates the date in Coordinated Universal Time (UTC) when executing the system backup. In addition, depending on the number of times the system backup is performed in a day, a branch number such as ".1" may be appended to the end of the file name.
(Example) File name: "backup_2019-01-23.1.zip"
ii. Restore system backup
Note that the restore will only succeed if the data is at the same revision. When you update netLD, your backup data will be updated to correspond to the latest revision. We do not recommend restoring this data to another server until it has also been updated.
Select "Restore system backup", select the backup data file and execute. After the restoration, the service will be restarted automatically.
Only the admin can restore the system backup file.
Be sure to select the correct system backup file when selecting a file. Restoring the wrong file may prevent netLD from starting.
iii. Store system backup externally
Normally, in netLD, the system backup is saved to the local server. We recommend backing up to an external data store for disaster recovery use.
To set this option, use the netLD console screen. All settings on the console screen are made using only the keyboard.
- Press "6" on the keyboard.
- Press “4” on the keyboard.
- Select the server type.
ⅳ. Enter the required information and press the Enter key.
Menu Items | Description |
Remote NFS/SMB path | Network path / IP address |
Username | User name set in the server |
Password | Password set for server |
ⅴ. Please select one of the following options for your existing backup data:
Menu Items | Description |
[1] Copy existing backups to the NFS/SMB and delete | Copy an existing backup to NFS / SMB and delete it |
[2] Delete existing backups | Delete an existing backup |
This completes the console screen settings.
* If setup is performed, normally the system will automatically restart.
ⅵ. Log into the netLD user interface and click “Settings”.
ⅶ. Select “System Backup” and press “Perform System Backup”.
Verify that the backup is stored on the external system.
5.2.3 Mail Server
You can set an SMTP server to allow netLD to send E-mails. Following configurations are available.
Figure 5.2.3: Mail Server section in settings window
Menu Items Description
Mail server host name or IP address The mail server by host name or IP address.
From email address The sender email address.
From name The sender name.
Server requires authentication Enables the server authentication.
Mail server username Mail server username for the authentication.
Mail server password Mail server password for the authentication.
5.2.4 Changing the Data Directory in Operation
You can customize not only the backup directory but also the current setting directories, while it requires some amount of operations.
1. Stop the running netLD service (via CLI, Service Manager or Task Tray. see
Sec. 2.6)
2. Copy derby and lucene subdirectories (cf. Sec. 7.2, p.231) to the destination directory, E://nlddata for example.
3. Open Net LineDancerˇosgi-configˇconfig.iniand find the following line:
netld.datadir=
Append the destination directory path to the line:
netld.datadir=E://nlddata
4. Start netLD service in CLI. (e.g., net start netld)
5.2.5 netLD RADIUS External Authentication
netLD provides the ability for users to be authenticated using an external Remote Access Dial In User Service (RADIUS) server. This guide will explain how to configure netLD to enable this integration.
Requirements
In order to run the RADIUS integration you must have a RADIUS capable server like Microsoft Active Directory or FreeRADIUS. The netLD server and RADIUS server must also be able to communicate using UDP on port 1812.
Configuring RADIUS
In order for netLD to be able to authenticate, the RADIUS server only needs to be configured to handle Access-Request packets. After sending an Access-Request to the RADIUS server, netLD will listen for an Access-Accept response. The response should contain one or more Filter-Id attributes.
Here is an example configuration for a user named ”jdoe” in FreeRADIUS. . .
jdoe Cleartext-Password := "password"
Filter-Id += "role:Administrator",
Filter-Id += "networks:*",
Filter-Id += "customFields:1,2,3,4,5"
This configuration tells FreeRADIUS that for an Access-Request for a user named ”jdoe” to match the password ”password”. If the password matches an Access-Accept response will be sent with three Filter-Id attributes set. These three Filter-Id attributes control the access the user is granted.
Name Required Description
role Yes The name of the netLD role to assign to this user.
networks No A comma separated list of the managed networks
visible to the user. (Use ”*” to grant access to all networks)
custom Fields No A comma separated list of the custom fields
that should be visible to the user.
Configuring Net LineDancer
To configure RADIUS authentication you must tell netLD the hostname and shared secret for communicating with your RADIUS server. The RADIUS config- uration settings can be found in the Server Settings window.
Here you can enter the hostname or IP address of the RADIUS server and the shared secret to use when making requests. You can test if the settings are correct by entering a test username and password into the Test Authentication area. Clicking the Test button will cause netLD to attempt an Access-Request against the specified server.
To enable the RADIUS integration check Allow authentication using an exter- nal RADIUS server and click on OK.
5.2.6 Changing the Column Names of Custom Device Fields
You can add arbitrary texts in the custom fields of the devices. In order to modify the value of custom field in each device, see Sec. 3.3.4. In this setting section, you can customize the titles of Custom Device Fields.
5.2.7 Launchers (URL Launchers)
In this setting section, you can create shortcuts to access certain URLs defined by the device in the right-click menu which appears in the inventory.
If you set a URL Launcher template (IP Address for example), an IP Address button appears in the right-click menu in Device View. When you click on it, the template is instantiated with the device information, and the browser opens the result URL.
To add such a launcher, click on to insert the entry to the list. The URL may contain some specific patterns surrounded with braces {} which are substituted with the actual value of each device.
{device.ipAddress} in the URL of that entry is substituted with an actual IP address 10.0.0.1.
Those patterns are added via ← buttons in URL Variables.
5.2.8 Network servers
In the network server menu, you can set the time to log out automatically when there is no operation and the primary IP address of the server.
ⅰ.User login idle timeout
The login idle timeout will automatically log users out of the netLD GUI when the idle timeout is reached. The default timeout period is 30 minutes. We recommend setting this value to match your company’s policy.
For security and compliance reasons, this feature cannot be disabled.
ⅱ.Enable DNS Lookup
Checking Enable DNS Lookup in the network server menu will use reverse DNS to populate the device hostnames.
Uncheck the DNS Lookup to use the host name notation set on the device.
* After changing the settings, back up the device to display the updated hostname.
netLD primary server IP address will be automatically detected when the program is launched. To change the value, use Server Primary IP Address pull down list to change the IP address and click on the OK button.
Restart Required dialog will show up. Click on the Yes button to restart the server and apply changes in the settings.
Changing the HTTPS port (Windows version only)
Enable Host the HTTPS web client on a non-standard port checkbox and change the port number, and click on the OK button.
Click on the Yes button in Restart Required dialog to restart netLD server. Reference: Sec. 7.1, p.230
5.2.9 Software Update
netLD automatically checks for updates and notifies if any updates are available, including adapter or manual updates. Automatic update notification needs an Internet connection.
Usually you will find the update notified on the top of the screen.
1. Click on the Install Update button to update. Click on the Yes button to confirm starting the update.
2. Download starts automatically. When the update is complete, netLD service restarts, and then the new login screen appears.
Downloading the updates.