Skip to main content
Matrix42 Self-Service Help Center

Global System Settings

Administration application settings

Overview

In the Administration application, it is possible to configure global system settings. Application-specific settings are managed in the corresponding application.

General information

In general tabulator, the following information can be found:

global_settings_general1.png

  • Application page title (in browser): Enter the text that will be added to the title in the browser toolbar. The entered page title text is added to the currently visited page of the application.
  • Logo shown in Reports: Click the selection button to specify or edit the location of an image that should be used as a company logo for reports.
  • Prefix for custom Schema Objects: This prefix is used when a new data definition or configuration item is created as part of customization.
  • Profile Dialog: Choose a dialog that opens via the user avatar → Profile action. For security reasons, if the selected dialog contains User Role configuration it cannot be modified by the user.
  • Max allowed entries to be exported from Grid: (for DWP v.11.0.1 and higher) Defines the maximum number of rows to be exported while exporting the data from the grids. Default: 10000. See also Export Data: Changing limits section. 
  • Open Edit Dialog (read-only) in case Preview is not available: Enable this option to open Edit dialog instead of Preview whenever Preview is not available (preview displaying is not enabled, not available for the application, or restricted by the user permissions). A Dialog will be opened in read-only mode with all the actions that should have been available for the respective Preview, so it will look like a Preview.
  • Feedback Enabled: Enable this option to activate the customer feedback form shown in the application header.
  • Environment Type: Defines the role that an ESM instance fulfills, categorized as either "Production," "Testing," or "Development." Selecting the correct value is crucial for accurately calculating license utilization and determining any potential overusage. Read more about Environment Types

Database

Database Server, Database Name, and Database Account: These are the non-editable fields pertaining to the Web server access to the database.

Version

The current version of the Matrix42 platform is shown on the global setting preview page:

version_global_system_settings.png

Secure Token Service

Configure application login and user authorization options. Select the necessary checkboxes to enable the following login options:

1. Single sign-on enabled

Select only this check-box to call the Windows Authentication login form. The authentication form is shown on top of the standard login page of the Matrix42 Software Asset & Service Management:

admin_settings_wauth.png

2. Browser credentials enabled

Allows to login using cached login credentials. Enables "Use Browser Credentials" button on the application login page:

admin_settings_secure_token_service.png

3. SAML2 enabled

Activates SAML2 in the application.

  • SAML2 enabled: select only this check-box (without Single Sign-on enabled) to allow user login using the credentials from the properly configured Service Provider. The application login page displays the text from the configured SAML2 Login button title field:
    admin_saml_settings2.png
  • SAML2 enabled and Single Sign On enabled: allows to skip the Matrix42 Software Asset & Service Management login page and sign-in automatically, using the credentials from the Identity Provider, specified in SAML2 configuration.

When application login with enabled SAML2 and Single Sign On fails or results in an error message due to outdated or incorrect SAML configuration use the force login page to bypass the error and adjust the secure token service login settings:

admin_settings_saml_error.png

To log in with your valid credentials add the force login page parameter to your URL:

https://myhost.mydomain.com/wm?ForceLoginPage

For more information see the SAML2 configuration guide page.

4. Use Matrix42 MyWorkspace

Access is configured in a dedicated area of the Administration application, as described below.

5. Allow User Registration

Allow User Registration option activates user sign-up to the system with an e-mail address and enables password recovery on the login page:

global_system_settings_allow_user_registration.png

For more details, see also Sign-Up & Password Recovery page.

E-mails

  • Mailing Enabled: Activate or deactivate e-mail traffic.
  • SMTP Server: Name of the e-mail server.
  • Default Sender: Sender address for e-mails. By default, e-mails triggered by the compliance rules are sent from this address. Send E-mail action e-mails use the default notification settings of the Service Desk.
  • Mode: Use this field to specify the e-mail sending mode:
    • Send E-mail (default): e-mails are sent directly to the recipients and not stored. Failed or Not Sent e-mails are stored in the system database (SPSEmailClassBase Data Definition) and shown on the E-mails page of the Administration application. Once successfully sent, the e-mails are no longer available in the database and consequently on the E-mails page;
    • Send E-mail and store it in the Database:  all e-mails regardless of e-mail status are saved in the database are stored in the SPSEmailClassBase Data Definition and displayed on the  E-mails page;
    • Write E-mails to Specified Folder: all e-mails are saved in the specified folder of the application server. This option requires the path to the e-mail folder.
      • E-mail Folder: folder in which your e-mails are stored on the application server.
  • Use SMTP Authentication: Select this checkbox if you want to log on to the SMTP server with a user account and select one of the options as provided below.
    • Use Integrated Security (Use Service Account): Select this option if you want to log on to the SMTP server with an internal service account of Matrix42 Digital Workspace Platform.
    • Use following Credentials: Select this option if you want to log on to the SMTP server with your network account and fill out the credentials.
      • Account: User account with which you log on to the mail server.
      • Password: Password with which you log on to the mail server.
      • Use SSL: Select this checkbox if you want to use a secure SSL connection to send e-mails.
      • SSL Protocol: (for DWP v.11.0.1 and higher)  this property can be configured for enabled Use SSL option. The default value is Auto, other possible options include TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.
      • Use Network Credentials container to pass credentials: Select this checkbox if your system environment requires this special way of transferring login information to the SMTP server.
    • Modern Authentication (OAuth 2.0): this option is available since DWP v.11.0.1 and higher. Select this option if you want to log on to the SMTP server with modern authentication based on OAuth 2.0 which enables authentication features like multi-factor authentication (MFA), smart cards, certificate-based authentication (CBA), and third-party SAML identity providers. Configure the following properties:

      • Mailbox Email Address: e-mail address that is used for sending emails is required for OAuth 2.0 authentication option.
      • Service Connection: pre-configure and select the necessary Service Connection. For more details see also Microsoft Exchange configuration page and Gmail configuration for emailing.
      • Use SSL: Select this checkbox if you want to use a secure SSL connection to send e-mails.
      • SSL Protocol: this property can be configured for the enabled Use SSL option. Choose from the suggested options:
      • Auto (default)
        • TLS 1.0
        • TLS 1.1
        • TLS 1.2
        • TLS 1.3
  • Software Asset & Service Management URL: If e-mails contain links to the console, this URL is used. By default, the fully qualified name of the server is included in the URL. However, if the application can only be called by using the short name, this name should be specified here.
  • Software Asset & Service Management URL for UUX: If e-mails contain links to the UUX, this URL is used. By default, the fully qualified name of the server is included in the URL. However, if the application can only be called by using the short name, this name should be specified here.
  • Recipients In Single Mail: Maximum number of e-mail addresses that can be specified as recipients in a single e-mail. For example, if you want to send an e-mail to 100 people and 20 was entered in this field, then five e-mails are sent, and each of these five e-mails is sent to 20 recipients.
  • Max Threads: Maximum number of e-mails that the e-mail robot can process simultaneously.
  • Skip Threshold: Maximum number of recipients per e-mail. The e-mail will not be sent if this number is exceeded. If the number of recipients is unlimited, enter 0.
  • Attempts to Send: Specify the number of unsuccessful e-mail sending attempts. When this number is exceeded, the status of e-mails on the E-mails page is set to Failed.
  • Clean Up Mails after (Days): After the number of days (default value is 90) that is specified in this field, all e-mails stored in the database will be deleted. If this field is empty, the e-mails are never deleted.
  • Header/Footer: Allows setting the default Header, Footer, and signature for all email notifications sent by the System. For more information, see also E-mail Configurations.
  • Split Mails by Recipients Domains: The option is designed for cases the Mail Server has a special configuration that does not allow sending emails with the recipients from different domains. When activated the dedicated E-mail will be generated for every mail domain used in the recipient list. This behavior can be activated only directly in the production database with the following command and iisreset:
      
    UPDATE SPSAlertingConfiguration Set RecipientsSplitDomain = 1
  • Don’t attach embedded images as attachments to email: (for DWP v.11.0.1 and higher) Enable this option to generate emails without embedded images attached. Default: disabled.

Matrix42 MyWorkspace

Integration: Matrix42 Accounts Integration settings enable the Matrix42 Accounts Data Provider to import Matrix42 Accounts.

  • Enterprise Name: The name of your company as has been specified on your company's user profile page at https://accounts.matrix42.com/ when creating an access token.
  • Server: The API server used to access Matrix42 Accounts.
  • Access Token: Access token that needs to be generated manually on your company's user profile page at https://accounts.matrix42.com/.

Single Sign-On settings enable log-in to the Matrix42 Digital Workspace Platform with a Matrix42 Account:

  • Enabled: Select the checkbox to enable the ability to log in to Matrix42 Digital Workspace Platform with a Matrix42 Account.
  • Scope, Client Id, Client Secret: After your application has been registered with Matrix42 Access Control System (ACS) by the ACS service administrator, you will receive the scope, client ID, and client secret values. The scope, client ID, and client secret are used by the application each time a user selects to be logged in by using their Matrix42 Account. If this data is valid and the corresponding account has been previously imported by the Matrix42 Accounts Data Provider, ACS authenticates the user and logs in the user to Matrix42 Digital Workspace Platform.

Engines

These settings relate to the system services of Matrix42 Digital Workspace Platform. They can be changed only after you have consulted Matrix42.

Mobile Applications

Basic settings for support of Facebook, Twitter and push notifications for Matrix42 mobile application.

Download the Matrix42 mobile application from the App Store or Google Play.  

Common Settings:

  • Facebook is Available: enable the check-box and configure access to the company's Facebook account:
    • Facebook Alias: username or the alias of the page;
    • Facebook Access Token: an access token is needed any time the application calls the Facebook API. Access tokens are obtained via a number of methods, as described in the Facebook for Developers documentation.  
  • Twitter is Available: enable the check-box and configure access to the company's Twitter account. All fields are mandatory:
    • Twitter Access Secret: authorization password, used with the Access Token every time the client (in this case the mobile application) wants to access the data.
    • Twitter Access Token:  is issued to the client once the client successfully authenticates using the Consumer Key and Consumer Secret. Access Token defines the privileges of the client and what data the client can and cannot access;
    • Twitter Consumer Key:  API key associated with the Twitter application. ;
    • Twitter Consumer Secret:  the client password that is used to authenticate with the Twitter authentication server;
    • Twitter Alias: the account's screen name, handle, or alias;
  • Show address field in Contacts

    Configured social media access delivers the latest news from the company's Facebook and Twitter accounts to the News page of the Matrix42 mobile application.

  • Push Notifications: starting from the 10.0.4 version of the DWP, push notifications settings are available in a stand-alone section of the Global System settings. For more information see Push Notifications page.

Security

  • Lock accounts after failed login attempts: Select this checkbox to make user accounts unavailable after a certain number of unsuccessful logins to the Matrix42 Self Service Portal or the Matrix42 Digital Workspace Platform Console.
    • Number of failed attempts: Number of unsuccessful login attempts after which the accounts should be locked. This field becomes active after you select the Lock accounts after failed login attempts check-box.
    • Enable automatic accounts unlocking: Select this checkbox if you want the system to automatically unlock the previously locked accounts. This checkbox becomes active after you select the Lock accounts after failed login attempts checkbox.
      • Time until automatic unlock: Time period (in minutes) that should pass after an account has been locked and until it will be automatically unlocked. This field becomes active after you select the Enable automatic accounts unlocking checkbox.
  • Session lifetime (in hours): Number of hours for session lifetime. For security reason, the maximum possible session lifetime could not exceed 48 hours
  • Extra origins: (for DWP v.11.0.1 and higher) Comma-separated list of allowed domains for cross-origin resource sharing. It forces CORS policy to add the entered values to the allowlist. Default value: empty.

global_system_settings_security.png

Regional Settings

  • Default UI Language:  Default language of the Matrix42 Digital Workspace Platform user interface.
    • Supported User Languages: Languages into which the Matrix42 Digital Workspace Platform user interface is currently localized.
  • Default System Language: Default language of the system that is used for writing logs or sending e-mails within Matrix42 Digital Workspace Platform.
    • Supported Mail Languages: Languages that can be used in e-mails that are sent within Matrix42 Digital Workspace Platform.

Workflows

Choose one of the suggested options for the Workflow Engine Definition:

  • Use legacy Workflow Engine (AppFabric): The System uses AppFabric for processing Workflow commands.
  • [TECHNICAL PREVIEW] Use Matrix42 Worker together with Legacy Workflow Engine (AppFabric): This option combines two workflow processing methods and is considered as an interim solution before the complete and ultimate migration to the new engine using Matrix42 Workers The System uses Matrix42 Workers for starting and processing all Workflows marked as “Use Matrix42 Worker”. Workflows that are either incompatible or have already been started on legacy Workflow Engine will keep using AppFabric for execution. 
    This option requires additional configuration of the Matrix42 Worker:

    • Enabled: select the checkbox to enable the new workflow processes running on the Cloud Worker;

    • Matrix42 Deployment Ring: deployment rings provide the way to separate the Matrix42 Worker service users into deployment groups.  Each deployment ring reduces the risk of issues derived from the deployment of the features and updates by firstly aiming at the most adaptable users who are willing to use the latest updates as soon as possible and gradually extending the targeted audience to those who are the least adaptable for the changes and tend to minimize the risks that might be caused by any system update. 

      • Early Adopters:  receive new builds first and often early, even before the update is deployed broadly across the organization;

      • Technical Preview: intermediate stage;

      • Release: broadly deployed and stable release version.

    • Server connection and authentication settings fields:

      • Application Server Token User

      • Authentication Server URL

      • Connector Id

      • Client Key

      • Client Secret

Click "Setup Authentication" button and follow the instructions to get the necessary connection credentials.

Technical Preview implementation must not be used in production.

  • Use Matrix42 Worker: The System uses only Matrix42 Workers to execute all kinds of Workflow operations.

Frontend Settings

This section is available in DWP v.11.0.1 and higher.

global_system_settings_frontend_settings.png

  • Auto Login: Allow/deny auto-login (with bypassing login screen) while accessing the workspace. By default is disabled.
  • Allow Non Windows Auto Login: Allow/deny the logins that originated out of Windows login credentials. By default is disabled.
  • Default page size option for Dataset View: The default value of items to be shown while opening the pages with the grids. By default is set to 50 items. Must be one of the values defined in Available page size options for Dataset View, see below. See also Search in UUX: Paging section.
  • Available page size options for Dataset View: The possible predefined values for page size. The list of values will be shown on UI to let the user change the default value of page size. Default options are 10,20,50,100,200. See also Search in UUX: Paging section. 
  • Show Hidden Values in Search (for DWP v.11.0.2 and higher): allows managing the hidden option displayed in the column search of the PickupBy default is enabled. Disable this option to remove the hidden option of the Pickup from the column search. See also Pickup Data Properties: Hidden.
  • Max File Size: The maximum file size to upload (in Mb). The default value is 20.
  • Max Words Per Condition: Defines the maximum words per condition while using pickup filter search (i.e. on a Grid column). By default is set to 50. See also Search in UUX: Text filtering criteria section.
  • Max Recent Searches: Maximum items to be shown in the Recents tab. By default is set to 5 items. See also Applications: Creating an Application section.
  • Link Allow Protocols: Comma-separated list of protocols allowed for the embedded links. By default includes mailto,notes,callto,tel.

 

LOGIN PAGE

This section is available in DWP v.12.0.4 and above.

These setting are related to the login page appearance.

The login page in DWP v.12.0.4 and above has changed and now it looks like on the next screenshot.

clipboard_eb6859b98ed8bd09e52eacd5c829dcd3c.png

 

It is customizable by setting the expected values to the fields in this page.

clipboard_e5130ec77caf9fb6e782e6221078e377d.png

GENERAL

  • Welcome Title: Text to be displayed as a welcome title. It is localizable.
  • Welcome Title Color: Color to use for a welcome title.
  • Welcome Text: Text to be displayed below a welcome title. Might be used for a short description. It is localizable.
  • Text Color: Color to be used with all the regular text on a login page.
  • Button Color: Color to be used as a foreground to active buttons.
  • Button Text Color: Color to be used as a text color on active buttons.
  • Logo: Image to be used as a logo on the login page.
  • Background Image: Image to be used as a general login page background.

LEFT PANEL

  • Left Foreground Color: Color to be used on a left panel as a color. Will be overlayed with Left Foreground Image if it is set.
  • Left Foreground Image: Image to be used on a left panel as a foreground.

RIGHT PANEL

  • Right Foreground Color: Color to be used on a right panel as a color. Will be overlayed with Right Foreground Image if it is set.
  • Show Right Panel: Indicates if right panel is supposed to be shown. Checked by default. If unchecked - left panel will be repositioned to a page center.
  • Right Foreground Image Behavior: Used to set how foreground image will be applied on a right panel. Possible options: Stretch, Repeat or Original.
  • Right Foreground Image: Image to be used on a right panel as a foreground.