# omiserver configuration file ## ## httpport -- listening port for the binary protocol (default is 5985) ## httpport=0 ## ## httpsport -- listening port for the binary protocol (default is 5986) ## httpsport=0 ## ## idletimeout -- idle providers unload timeout in seconds (defualt is 90) ## #idletimeout=TIMEOUT ## ## loglevel -- set the loggiing options for MI server ## Valid options are: ERROR, WARNING, INFO, DEBUG, VERBOSE (debug builds only) ## If commented out, then default value is: WARNING ## #loglevel = WARNING ## ## NtlmCredsFile -- credentials file for NTLM authentication ## ## To enable NTLM authentication via negotiation (SPNEGO), specify the ## location of the credentials file. This file is in the form: ## ## :: ## ## For further information, please see: https://github.com/Microsoft/omi/blob/master/Unix/doc/setup-ntlm-omi.md ## #NtlmCredsFile=/etc/opt/omi/.creds/ntlm ## ## Settings for omi-related directory and file paths. ## You can modify below default path value to other location. ## ## omi log folder and log file #logdir=/var/opt/omi/log #logfile=/var/opt/omi/log/omiserver.log ## ## The cert and its private key for TLS/SSL communication ## pemfile -- The certificate to use for TLS/SSL communication ## For pemfile, its owner is root user ## keyfile -- The private key that corresponds to the TLS/SSL certificate ## To modify keyfile, make sure its owner is `omi:omi`: ## run `chown omi:omi /yourpath/omikey.pem` ## #pemfile=/etc/opt/omi/ssl/omi.pem #keyfile=/etc/opt/omi/ssl/omikey.pem ## ## This section is for security protocol settings ## NoSSLv2: When it is true, the SSLv2 protocol is disabled. ## NoSSLv3: When it is true, the SSLv3 protocol is disabled. ## If NoSSLv2 and NoSSLv3 are both set to true, only TLS encryption will be negotiated. ## #NoSSLv2=true #NoSSLv3=false # Enabling this will cause each provider to run under it's own omiagent # process. This will take considerably more memory, but is useful for # diagnosing omiagent cores due to a provider fault. Setting of `true` # means that each provider runs under it's own omiagent process. #agentDebugging=false # List of authorized and unauthorized user groups, separated by commas. # Both local and domain groups can be listed. For example: # AuthorizedGroups=SCX\scx local admins, SCX\domain users, adm # UnauthorizedGroups=games # If both parameters are blank (default), authorization checks are not # performed. For more info, see # https://github.com/Microsoft/omi/tree/master/Unix/doc/allow-deny-handling.md #AuthorizedGroups= #UnauthorizedGroups=