In the Administration application, it is possible to configure global system settings. Application-specific settings are managed in the corresponding application.
In general tabulator, the following information can be found:
- Application page title (in browser): Enter the text that will be added to the title in the browser toolbar. The entered page title text is added to the currently visited page of the application.
- Logo shown in Reports: Click the selection button to specify or edit the location of an image that should be used as a company logo for reports.
- Prefix for custom Schema Objects: This prefix is used when a new data definition or configuration item is created as part of customization.
- Max allowed entries to be exported from Grid: (for DWP v.11.0.1 and higher) Defines the maximum number of rows to be exported while exporting the data from the grids. Default: 10000. See also Export Data: Changing limits section.
- Open Edit Dialog (read-only) in case Preview is not available: Enable this option to open Edit dialog instead of Preview whenever Preview is not available (preview displaying is not enabled, not available for the application, or restricted by the user permissions). A Dialog will be opened in read-only mode with all the actions that should have been available for the respective Preview, so it will look like Preview.
- Feedback Enabled: Enable this option to activate the customer feedback form shown in the application header.
Database Server, Database Name, and Database Account: These are the non-editable fields pertaining to the Web server access to the database.
The current version of the Matrix42 platform is shown on the global setting preview page:
Secure Token Service
Configure application login and user authorization options. Select the necessary checkboxes to enable the following login options:
1. Single sign-on enabled
Select only this check-box to call the Windows Authentication login form. The authentication form is shown on top of the standard login page of the Matrix42 Software Asset & Service Management:
2. Browser credentials enabled
Allows to login using cached login credentials. Enables "Use Browser Credentials" button on the application login page:
3. SAML2 enabled
Activates SAML2 in the application.
When application login with enabled SAML2 and Single Sign On fails or results in an error message due to outdated or incorrect SAML configuration use the force login page to bypass the error and adjust the secure token service login settings:
To log in with your valid credentials add the force login page parameter to your URL:
For more information see the SAML2 configuration guide page.
4. Use Matrix42 MyWorkspace
|Access is configured in a dedicated area of the Administration application, as described below.|
5. Allow User Registration
Allow User Registration option activates user sign-up to the system with an e-mail address and enables password recovery on the login page:
For more details, see also Sign-Up & Password Recovery page.
- Mailing Enabled: Activate or deactivate e-mail traffic.
- SMTP Server: Name of the e-mail server.
- Default Sender: Sender address for e-mails. By default, e-mails triggered by the compliance rules are sent from this address. Send E-mail action e-mails use the default notification settings of the Service Desk.
- Mode: Use this field to specify the e-mail sending mode:
- Send E-mail (default): e-mails are sent directly to the recipients and not stored. Failed or Not Sent e-mails are stored in the system database (SPSEmailClassBase Data Definition) and shown on the E-mails page of the Administration application. Once successfully sent, the e-mails are no longer available in the database and consequently on the E-mails page;
- Send E-mail and store it in the Database: all e-mails regardless of e-mail status are saved in the database are stored in the SPSEmailClassBase Data Definition and displayed on the E-mails page;
- Write E-mails to Specified Folder: all e-mails are saved in the specified folder of the application server. This option requires the path to the e-mail folder.
- E-mail Folder: folder in which your e-mails are stored on the application server.
- Use SMTP Authentication: Select this checkbox if you want to log on to the SMTP server with a user account and select one of the options as provided below.
- Use Integrated Security (Use Service Account): Select this option if you want to log on to the SMTP server with an internal service account of Matrix42 Workspace Management.
- Use following Credentials: Select this option if you want to log on to the SMTP server with your network account and fill out the credentials.
- Account: User account with which you log on to the mail server.
- Password: Password with which you log on to the mail server.
- Use SSL: Select this checkbox if you want to use a secure SSL connection to send e-mails.
- SSL Protocol (available since DWP v.11.0.1 or higher): this property can be configured for enabled Use SSL option. The default value is Auto, other possible options include TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.
- Use Network Credentials container to pass credentials: Select this checkbox if your system environment requires this special way of transferring login information to the SMTP server.
Modern Authentication (OAuth 2.0): this option is available since DWP v.11.0.1 or higher. Select this option if you want to log on to the SMTP server with modern authentication based on OAuth 2.0 which enables authentication features like multi-factor authentication (MFA), smart cards, certificate-based authentication (CBA), and third-party SAML identity providers. Configure the following properties:
Mailbox Email Address: e-mail address that is used for sending emails is required for OAuth 2.0 authentication option.
- Use SSL: Select this checkbox if you want to use a secure SSL connection to send e-mails.
- SSL Protocol: this property can be configured for the enabled Use SSL option. Choose from the suggested options:
- Software Asset & Service Management URL: If e-mails contain links to the console, this URL is used. By default, the fully qualified name of the server is included in the URL. However, if the application can only be called by using the short name, this name should be specified here.
- Software Asset & Service Management URL for UUX: If e-mails contain links to the UUX, this URL is used. By default, the fully qualified name of the server is included in the URL. However, if the application can only be called by using the short name, this name should be specified here.
- Recipients In Single Mail: Maximum number of e-mail addresses that can be specified as recipients in a single e-mail. For example, if you want to send an e-mail to 100 people and 20 was entered in this field, then five e-mails are sent, and each of these five e-mails is sent to 20 recipients.
- Max Threads: Maximum number of e-mails that the e-mail robot can process simultaneously.
- Skip Threshold: Maximum number of recipients per e-mail. The e-mail will not be sent if this number is exceeded. If the number of recipients is unlimited, enter 0.
- Attempts to Send: Specify the number of unsuccessful e-mail sending attempts. When this number is exceeded, the status of e-mails on the E-mails page is set to Failed.
- Clean Up Mails after (Days): After the number of days (default value is 90) that is specified in this field, all e-mails stored in the database will be deleted. If this field is empty, the e-mails are never deleted.
- Header/Footer: Allows setting the default Header, Footer, and signature for all email notifications sent by the System. For more information, see also E-mail Configurations.
- Split Mails by Recipients Domains: The option is designed for cases the Mail Server has a special configuration that does not allow sending emails with the recipients from different domains. When activated the dedicated E-mail will be generated for every mail domain used in the recipient list. This behavior can be activated only directly in the production database with the following command and iisreset:
UPDATE SPSAlertingConfiguration Set RecipientsSplitDomain = 1
- Don’t attach embedded images as attachments to email: (for DWP v.11.0.1 and higher) Enable this option to generate emails without embedded images attached. Default: disabled.
Integration: Matrix42 Accounts Integration settings enable the Matrix42 Accounts Data Provider to import Matrix42 Accounts.
- Enterprise Name: The name of your company as has been specified on your company's user profile page at https://accounts.matrix42.com/ when creating an access token.
- Server: The API server used to access Matrix42 Accounts.
- Access Token: Access token that needs to be generated manually on your company's user profile page at https://accounts.matrix42.com/.
Single Sign-On settings enable log-in to the Matrix42 Workspace Management with a Matrix42 Account:
- Enabled: Select the checkbox to enable the ability to log in to Matrix42 Workspace Management with a Matrix42 Account.
- Scope, Client Id, Client Secret: After your application has been registered with Matrix42 Access Control System (ACS) by the ACS service administrator, you will receive the scope, client ID, and client secret values. The scope, client ID, and client secret are used by the application each time a user selects to be logged in by using their Matrix42 Account. If this data is valid and the corresponding account has been previously imported by the Matrix42 Accounts Data Provider, ACS authenticates the user and logs in the user to Matrix42 Workspace Management.
These settings relate to the system services of Matrix42 Workspace Management. They can be changed only after you have consulted Matrix42.
Basic settings for support of Facebook, Twitter and push notifications for Matrix42 mobile application.
- Facebook is Available: enable the check-box and configure access to the company's Facebook account:
- Facebook Alias: username or the alias of the page;
- Facebook Access Token: an access token is needed any time the application calls the Facebook API. Access tokens are obtained via a number of methods, as described in the Facebook for Developers documentation.
- Twitter is Available: enable the check-box and configure access to the company's Twitter account. All fields are mandatory:
- Twitter Access Secret: authorization password, used with the Access Token every time the client (in this case the mobile application) wants to access the data.
- Twitter Access Token: is issued to the client once the client successfully authenticates using the Consumer Key and Consumer Secret. Access Token defines the privileges of the client and what data the client can and cannot access;
- Twitter Consumer Key: API key associated with the Twitter application. ;
- Twitter Consumer Secret: the client password that is used to authenticate with the Twitter authentication server;
- Twitter Alias: the account's screen name, handle, or alias;
- Show address field in Contacts
Configured social media access delivers the latest news from the company's Facebook and Twitter accounts to the News page of the Matrix42 mobile application.
- Push Notifications: starting from the 10.0.4 version of the DWP, push notifications settings are available in a stand-alone section of the Global System settings. For more information see Push Notifications page.
- Lock accounts after failed login attempts: Select this checkbox to make user accounts unavailable after a certain number of unsuccessful logins to the Matrix42 Self Service Portal or the Matrix42 Workspace Management Console.
- Number of failed attempts: Number of unsuccessful login attempts after which the accounts should be locked. This field becomes active after you select the Lock accounts after failed login attempts check-box.
- Enable automatic accounts unlocking: Select this checkbox if you want the system to automatically unlock the previously locked accounts. This checkbox becomes active after you select the Lock accounts after failed login attempts checkbox.
- Time until automatic unlock: Time period (in minutes) that should pass after an account has been locked and until it will be automatically unlocked. This field becomes active after you select the Enable automatic accounts unlocking checkbox.
- Enable session lifetime (in hours): Select this checkbox if you want your session to last a specific number of hours.
- Session lifetime: Number of hours for session lifetime. This field becomes active after you select the Enable session lifetime (in hours) checkbox.
- Extra origins: (for DWP v.11.0.1 and higher) Comma-separated list of allowed domains for cross-origin resource sharing. It forces CORS policy to add the entered values to the allowlist. Default value: empty.
- Default UI Language: Default language of the Matrix42 Workspace Management user interface.
- Supported User Languages: Languages into which the Matrix42 Workspace Management user interface is currently localized.
- Default System Language: Default language of the system that is used for writing logs or sending e-mails within Matrix42 Workspace Management.
- Supported Mail Languages: Languages that can be used in e-mails that are sent within Matrix42 Workspace Management.
Choose one of the suggested options for the Workflow Engine Definition:
- Use legacy Workflow Engine (AppFabric): The System uses AppFabric for processing Workflow commands.
[TECHNICAL PREVIEW] Use Matrix42 Worker together with Legacy Workflow Engine (AppFabric): This option combines two workflow processing methods and is considered as an interim solution before the complete and ultimate migration to the new engine using Matrix42 Workers. The System uses Matrix42 Workers for starting and processing all Workflows marked as “Use Matrix42 Worker”. Workflows that are either incompatible or have already been started on legacy Workflow Engine will keep using AppFabric for execution.
This option requires additional configuration of the Matrix42 Worker:
Enabled: select the checkbox to enable the new workflow processes running on the Cloud Worker;
Matrix42 Deployment Ring: deployment rings provide the way to separate the Matrix42 Worker service users into deployment groups. Each deployment ring reduces the risk of issues derived from the deployment of the features and updates by firstly aiming at the most adaptable users who are willing to use the latest updates as soon as possible and gradually extending the targeted audience to those who are the least adaptable for the changes and tend to minimize the risks that might be caused by any system update.
Early Adopters: receive new builds first and often early, even before the update is deployed broadly across the organization;
Technical Preview: intermediate stage;
Release: broadly deployed and stable release version.
Server connection and authentication settings fields:
Application Server Token User
Authentication Server URL
Click "Setup Authentication" button and follow the instructions to get the necessary connection credentials.
Technical Preview implementation must not be used in production.
Use Matrix42 Worker: The System uses only Matrix42 Workers to execute all kinds of Workflow operations.
This section is available for DWP v.11.0.1 and higher.
- Auto Login: Allow/deny auto-login (with bypassing login screen) while accessing the workspace. By default is disabled.
- Allow Non Windows Auto Login: Allow/deny the logins that originated out of Windows login credentials. By default is disabled.
- Data Source Page Size: The default value of items to be shown while opening the pages with the grids. By default is set to 50 items. Must be one of the values defined in Data Source Page Sizes, see below. See also Search in UUX: Paging section.
- Data Source Page Sizes: The possible predefined values for page size. The list of values will be shown on UI to let the user change the default value of page size. Default options are 10,20,50,100,200. See also Search in UUX: Paging section.
- Max File Size: The maximum file size to upload (in Mb). The default value is 20.
- Max Words Per Condition: Defines the maximum words per condition while using pickup filter search (i.e. on a Grid column). By default is set to 50. See also Search in UUX: Text filtering criteria section.
- Max Recent Searches: Maximum items to be shown in the Recents tab. By default is set to 5 items. See also Applications: Creating an Application section.
- Link Allow Protocols: Comma-separated list of protocols allowed for the embedded links. By default includes mailto,notes,callto,tel.