3.2.2.4.1. Configuration vars
In the Configuration vars section, you can set the default parameters and the general configuration parameters that OpenNAC Enterprise technologies will use.
The configuration parameters are divided into User session, General - Internal, General - Frontend, Queue manager, and Developer tools and experimental features.
3.2.2.4.1.1. User session
The user session parameter displays the following fields:
 
- Time the authenticated user remains in the session, after which the user must re-authenticate (hours): The value must be between 1 and 24. 
- Time that the session can remain inactive, after which the automatic disconnection will occur (minutes): The value must be between 10 and 1440. 
- Maximum number of concurrent sessions of an administrator (same account): The value must be between 1 and 10. 
- Number of administrators who can access simultaneously: The value must be between 1 and 100. 
- Expire admin users password every certain number of days: The value must be between 1 and 365. 
3.2.2.4.1.2. General - Internal
The General - Internal parameters displays the following fields:
 
- Interval to persist “last change” updates to DB (in seconds): You can set the time to include events in the database (by default, 1800 seconds). This optimization is created to avoid the same events with same source IP, destination, the policy used and so on. 
- Return VLAN as name instead of VLAN ID: Enable this flag to return VLAN as a name. 
- Enable SNMP Trap monitoring: This flag allows the Core to read SNMP Traps register and use network events. 
- Time user attributes retrieved from AD, based on certificate Common Name, are cached: The default value is 36000 (10h). 
3.2.2.4.1.3. General - Frontend
The General - Frontend parameters displays the following fields:
 
- Allow access to API Documentation: Flag to allow access to the API documentation. 
- Kibana IP: Configure the Kibana IP and its port. It allows us to set the IP address for the Analytics server. 
- Kibana port: The Kibana’s port is 5601 (normally it is not required to be changed). 
- Dashboard home path: Define the dashboard home path in this field. 
- Add Contact phone to get OTP code: Contact phone that will be displayed in the “Get OTP code” pop-up window. 
- Add Contact e-mail to get OTP code: Contact e-mail that will be displayed in the “Get OTP code” pop-up window. 
- Add Contact phone to change the user password: Contact phone that will be displayed in the “recover or change the password” pop-up window. 
- Add Contact e-mail to change the user password: Contact e-mail that will be displayed in the “recover or change the password” pop-up window. 
3.2.2.4.1.4. General - Proxy
The General - Proxy parameters displays the following fields:
 
- Enabled: Flag to enable Proxy configuration to provide proxy settings to all plugins that use external communication: airwatch, airwatchSync, ciscoprime, ironchipSync, maas360, maas360Sync, medigate, mobileIron and mobileIronSync. 
- URL: Proxy URL. 
- Port: The proxy default port is 1080. 
- Username: Username for proxy authentication. 
- Password: Password for proxy authentication. 
3.2.2.4.1.5. Queue manager
From the Queue manager parameters, we can manage the Core queues. There are common asynchronous tasks that need to be carried out by OpenNAC Enterprise. For instance, plugins execution. These queues publish these tasks, the workers register themselves in a queue and carry out the tasks. Queues runs on the Core along with OpenNAC Enterprise workers.
 
By default, forty workers are available.
If you need to configure and deploy a large number of plugins across multiple policies while receiving a significant amount of DHCP IP Helper data in the Core, you may require additional workers to handle the load. You can check your workers’ queues in Status > Trending > OpenNAC.
If needed, you can change the number of workers by clicking on the Edit workers button.
 
You can also, stop the service and refresh the service status by clicking on the corresponding buttons.
Note
Any performance issue with the OpenNAC Enterprise platform can be investigated at Status > Trending. All components and subcomponents are being monitored and tracked for up to 1 Year.
3.2.2.4.1.6. Developer tools and experimental features
 
Flag to enable developer tools and experimental features.
Modify concurrent sessions
We can change some parameters via API. One of them is the number of concurrent admin sessions. To modify this value, we need to execute the following curl:
curl http://127.0.0.1/api/configuration/session --header "X-Opennac-Username: <opennac-user>" --header "X-Opennac-Token: <opennac-token>" -X POST -d "{\"id\": \"session\", \"maxConcurrentAdminSessions\": \"100\"}" -H "Content-Type: application/json" -H "accept: application/json"
Example:
As you can see above, there is an ID for each section of the configuration. To check the available sections and their fields, click the button Save and open the developer tools. Select the Network tab and check the Headers. you will see the API call:
 
To check the parameters of the section we need to click in Payload:
 
If we want to remove the current user sessions for the user admin, we need to go to the Core and execute the following command:
php /usr/share/opennac/api/scripts/reset-user-sessions.php -u admin