Description 

Starting with version 1.1, NAICE includes a configuration manager (phoca), a centralized service for managing NAICE system configuration parameters via web GUI. It provides storage, update, and distribution of settings across other services, as well as the ability to audit changes made to system settings using system events.

Most settings take effect without requiring an explicit restart of system components.

In the web interface, configuration parameters are available in the System settings section.

Detailed information about configuration parameters and their default values is available in the built-in documentation. To view information about the purpose of a setting and its available options, open the required section and click the  button at the bottom of the left-hand menu.

To access this section, a system user must have a role that includes the System settings privilege (see v1.1_5.1 Role Model).

Supported settings

In version 1.1, the following settings can be modified through the configuration manager:

  • General system settings:
    • database address
    • system language
  • Service settings:
    • RADIUS server parameters
    • TACACS+ server parameters
    • event log parameters
  • Licensing:
  • Security and access:
    • identity source configuration for system login
    • password policies for system users
  • Certificates:
    • uploading certificates trusted by NAICE when interacting with external services
  • Troubleshooting:
    • service logging level configuration

The complete list of parameters and detailed information about configuring each parameter is available in the built-in documentation (see v1.1_4 Built-in Documentation).

Monitoring applied changes

To monitor the application of system settings, the following events are available in Monitoring → System → System events:

1. Service/container settings changed

Contains complete information about the modification of one or more parameters:

  • parameter name
  • previous value
  • new value
  • system user who made the change and their role
  • IP address from which the request to modify the parameters was received
  • hostname of the NAICE node that received the request (relevant in a cluster deployment)
  • date and time when the changes were made

Sensitive data (for example, passwords) is not displayed in events.

2. Service/container configuration applied

These events can be used to verify that all settings have been delivered to the corresponding services.

They contain information about the service name. The hostname allows verification that the settings have been applied on all cluster nodes.

If the system is deployed as a cluster and these events are displayed for only one node, check network connectivity between the cluster nodes.

  • Нет меток