Use the ObjectServer properties or command-line options to configure settings for the ObjectServer. To avoid errors, add as many properties as possible to the properties file rather than using the command-line options. Additional utilities are provided that you can use to encrypt the property values.
The ObjectServer properties and command-line options are described in the following table. Although the Ipc.Timeout property is a property for ObjectServer clients, such as gateways, it is documented in this table.
| Property | Command-line option | Description |
|---|---|---|
| ActingPrimary TRUE | FALSE | N/A | This property is used in a failover configuration,
where a primary and backup ObjectServer are connected by a bidirectional
ObjectServer gateway, which is used to replicate the event data between
the two ObjectServers. The property is updated by automations only,
and must not be manually updated within the properties file. ActingPrimary is set to TRUE in the backup ObjectServer for the period during which the backup ObjectServer acts as the primary server. Otherwise, this property is set to FALSE in the backup ObjectServer. ActingPrimary is always set to TRUE in the primary ObjectServer, |
| AlertSecurityModel integer | -alertsecuritymodel integer | This
property determines whether group row level security is enforced in
the event list. By default, group row level security is disabled (0).
In this case:
If the AlertSecurityModel property is enabled (1), only users in the group that owns the row can modify the row. In this case, a member of the Normal or Administrator group can modify a row that is assigned to a group of which they are a member. A member of the System group can always modify any row. |
| AllowConnections TRUE | FALSE | -disallowconnections | Specifies whether non-root users can connect to the ObjectServer. If FALSE, no new connections to the ObjectServer are allowed. The default is TRUE. |
| AllowISQL TRUE | FALSE | -disallowisql | Specifies whether connections to the ObjectServer
are allowed using the SQL interactive interface. If FALSE,
no user can connect using nco_sql. The default
is TRUE. If TRUE, this can be enabled for each user using Netcool/OMNIbus Administrator. |
| AllowISQLWrite TRUE | FALSE | -disallowisqlwrite | Specifies whether modifications to the ObjectServer
are allowed using the SQL interactive interface. If FALSE,
no user can modify the ObjectServer using nco_sql.
The default is TRUE. If TRUE, this can be enabled for each user using Netcool/OMNIbus Administrator. |
| AllowTimedRefresh TRUE | FALSE | -allowtimedrefresh TRUE | FALSE | This property determines whether the user can enable
timed refresh in the Refresh tab of the Event
List Preferences window. If TRUE, the
event list preferences can be set to allow alert information to be
updated at a specified interval rather than waiting for notification
of updates from the ObjectServer. The default is FALSE. If FALSE, the timed refresh check box is grayed out in the Refresh tab of the Event List Preferences window and timed refresh is disabled. |
| Auto.Debug TRUE | FALSE | -autodebug TRUE | FALSE | If TRUE, automation debugging is enabled. The default is FALSE. |
| Auto.Enabled TRUE | FALSE | -autoenabled TRUE | FALSE | If TRUE, automations are enabled. The default is TRUE. |
| Auto.StatsInterval integer | -autostatsinterval integer | Specifies the interval in seconds at which the
automation system collects statistics. The default is 60. Statistics are gathered unless the -autoenabled command-line option is set to FALSE, which disables all automations. |
| BackupObjectServer TRUE | FALSE | -backupserver | Provides failback capability with desktop clients, probes, the proxy server, and the ObjectServer Gateway. The default is FALSE; the desktop clients, probes, the proxy server, and gateways are assumed to be connected to a primary ObjectServer. When TRUE, the desktop clients, probes, the proxy server, and gateways are made aware that they are connected to the backup ObjectServer in a failover pair. If this is the case, the desktop clients, probes, the proxy server, and gateways will automatically check for the recovery of the primary ObjectServer in the failover pair and switch back (fail back) when it has restarted. |
| ClientHeartbeatDisable TRUE | FALSE | -clienthbdisable TRUE | FALSE | Disables the client heartbeating system if set
to TRUE. This causes a connected client to time out
if the ObjectServer is busy - for example, during a gateway resynchronization
or an automation. The default FALSE setting enables heartbeating, and prevents invalid and unnecessary client timeouts. If the ObjectServer is active but busy, this setting causes the ObjectServer to send a pop-up message to a connected client, with details of the type of processing in progress. |
| ClientHeartbeatRate unsigned | -clienthbrate unsigned | Sets the rate in seconds of a client heartbeat. This rate defines how long a client should wait for a response from the ObjectServer before timing out. The default value is 10. |
| ConfigCryptoAlg string | N/A | Specifies the
cryptographic algorithm to use for decrypting string values (including
passwords) that were encrypted with the nco_aes_crypt utility
and then stored in the properties file. Set the string value
as follows:
The value that you specify must be identical to that used when you ran nco_aes_crypt with the -c setting, to encrypt the string values. Use this property in conjunction with the ConfigKeyFile property. |
| ConfigKeyFile string | N/A | Specifies the path and name of the key file that contains the key used to decrypt encrypted string values (including passwords) in the properties file. The key is used at run time to decrypt string values that were encrypted with the nco_aes_crypt utility. The key file that you specify must be identical to the file used to encrypt the string values when you ran nco_aes_crypt with the -k setting. Use this property in conjunction with the ConfigCryptoAlg property. |
| Connections integer | -connections integer | Sets the maximum number of available connections
for desktop clients, probes, and gateways. The maximum value is 1024. The default value is 256. Up to two connections can be used by the system. If the ObjectServer reaches the specified value, no further connections are possible until some of the previously made connections are dropped. |
| DeleteLogFile string | -DELETES string | The path and name of the delete log file, where
all delete commands are recorded if delete logging is enabled. By default, deletes are logged to the file $NCHOME/omnibus/log/servername_deletes_file.logn. |
| DeleteLogging TRUE | FALSE | -DELETE_LOGGING TRUE | FALSE | When TRUE, delete logging is enabled. The default is FALSE. |
| DeleteLogLevel integer | -DELETES_LEVEL integer | The log level determines how much information is
sent to the delete log file. Possible settings are:
|
| DeleteLogSize integer | -DELETES_SIZE integer | The maximum size of the delete log file. When the
log file servername_deletes_file.log1 reaches
the specified size, it is renamed servername_deletes_file.log2 and
a new log file, servername_deletes_file.log1,
is created. When the new file reaches its maximum size, the older
file is deleted and the process repeats. The output from a single delete command is never split between log files. Therefore, log files can be larger than the specified size. The default log file size is 1024 KB. |
| DTMaxTopRows integer | -dtmaxtoprows integer | The maximum number of rows that an administrator can specify when using the View Builder to restrict the number of rows an event list user can view. The default is 100. |
| Granularity integer | -granularity integer | Controls the update interval, in seconds, of IDUC
broadcasts to desktops and gateways. Reducing this value increases
the update rate to the clients. The default interval is 60 seconds. If you require more frequent
IDUC refreshes, configure the refresh rate on the client side, for
example, in the configuration file of gateways. If the Profile property is set to TRUE, at the end of each granularity period, the ObjectServer writes a summary to the profiling log of the time spent for each client connection. |
| GWDeduplication integer | -gwdeduplication integer | This property controls the behavior when there
is an attempt to reinsert an existing event in the ObjectServer. Possible
values are: 0: When set to this value (the default):
1: If the client is a gateway, the new event replaces old event. 2: If the client is a gateway, the new event is ignored. 3: When set to this value:
|
| N/A | -help | Displays help on the command-line options and exits. |
| Iduc.ListeningHostname string | -listeninghostname string | Sets a host name for clients to use to locate the
ObjectServer. On systems where DNS is used, the name returned by a
host machine internally might not be the name by which it is referred
to on the network. For example, a computer named sfo might actually be identified on the network as sfo.bigcorp.org. To allow clients to connect to the ObjectServer on sfo, set this property to sfo.bigcorp.org. The default is the name of the local computer, as reported by the hostname command. |
| Iduc.ListeningPort integer | -listeningport integer | Sets the port for the IDUC communication connection.
This is the port on which the ObjectServer sends updates to each event
list and gateway. If not specified, the IDUC port is selected by the
ObjectServer at random from the unused port numbers available. The
default is 0, that is, take the next available port. You can also specify the port in the /etc/services file on the host machine. |
| Ipc.Timeout integer | -ipctimeout integer | Sets the time, in seconds, that a client application
or utility waits for a response from the ObjectServer when attempting
to send alerts. If this time is exceeded, or if the ObjectServer is down, a communication error occurs and the alert is instead sent to the cache file. The default is 60 seconds. Note: This
property is not an ObjectServer property but is used by various ObjectServer
clients, such as gateways.
|
| LogFilePoolSize integer | -logfilepoolsize integer | Specifies the number of log files to use if the
logging system is writing to a pool of files. This property works
only when the LogFileUsePool property is set
to TRUE. The pool size can range from 2 to 99. The default is 10. |
| LogFileUsePool TRUE | FALSE | -logfileusepool | Specifies whether to use a pool of log files for
logging messages. If set to TRUE, the logging system opens the number of files specified for the pool at startup, and keeps them open for the duration of its run. (You define the number of files in the pool using the LogFilePoolSize property.) When a file in the pool reaches its maximum size (as specified by the MaxLogFileSize property), the logging system writes to the next file. When all the files in the pool are at maximum size, the logging system truncates the first file in the pool and starts writing to it again. Files in the pool are named using the format servername.log_ID, where ID is a two-digit number starting from 01, to the maximum number specified for the LogFilePoolSize property. When the logging system starts to use a file pool, the system writes to the lowest-available file number, regardless of which file it was writing to when it last ran. The default is FALSE. When set to FALSE, the default servername.log file is renamed servername.log_OLD and a new log file is started when the maximum size is reached. If the file cannot be renamed, for example, because of a read lock on the _OLD file, and the LogFileUseStdErr property is set toFALSE , the logging system automatically starts using a pool of log files. |
| LogFileUseStdErr TRUE | FALSE | -logfileusestderr | Specifies whether to use stderr as an output stream
for logging messages. The default is TRUE. If this setting is TRUE and the ObjectServer is run from the command line, messages are logged to the console if the ObjectServer cannot write to the default log file. If this setting is TRUE and the ObjectServer is running as a Windows service, messages are written to a file named %NCHOME%\omnibus\log\nco_objserv*.err if the ObjectServer cannot write to the default log file. If set to FALSE and the ObjectServer cannot write to the default log file, messages are written to a pool of log files, as set by the LogFileUsePool property. Note: The LogFileUsePool property setting
takes precedence over the LogFileUseStdErr setting.
|
| MaxLogFileSize integer | -maxlogfilesize integer | Specifies the maximum size the log file can grow
to, in KB. The default is 1024 KB. When it reaches the size specified, the servername.log file is renamed servername.log_OLD and a new log file is started. When the new file reaches the maximum size, it is renamed and the process starts again. |
| MessageLevel string | -messagelevel string | Specifies the message logging level. Possible values
are: debug, info, warn, error,
and fatal. The default level is warn. Messages
that are logged at each level are as follows:
Tip: The value of string can
be in uppercase, lowercase, or mixed case.
|
| MessageLog string | -messagelog string | Specifies the path to which messages are logged.
The default is $NCHOME/omnibus/log/NCOMS.log. On Windows, if the system cannot write to the specified log file (for example, as the result of a fatal error) it writes the error to a file named %NCHOME%\omnibus\log\nco_objserv*.err. Note: The ObjectServer must be running as a service. Otherwise,
it cannot write errors to a file.
|
| N/A | -name string | Sets the ObjectServer name, which must be unique.
This is the name that is configured in the Server Editor. The default is NCOMS. |
| NHttpd.AccessLog string | -nhttpd_accesslog string | Specifies the name and location of the log file
where the server logs all requests that it processes. The default is $OMNIHOME/log/NCOMS_http_access.log. |
| NHttpd.AuthenticationDomain string | -nhttpd_authdomain string | Specifies the authentication domain that is used
when requesting authentication details over the HTTP or HTTPS connection. The default is omnibus. |
| Nhttpd.BasicAuth string | -nhttpd_basicauth string | Specifies the user-password combination that is
permitted for connections to the HTTP interface, where the password
is an AES hash of the password. The default is ''. |
| NHttpd.DocumentRoot string | -nhttpd_docroot string | Specifies the document root of the embedded web
service. The default is $OMNIHOME/etc/restos/docroot. |
| NHttpd.EnableFileServing TRUE | FALSE | -nhttpd_enablefs TRUE | FALSE | Use this property to enable default file serving
by the ObjectServer. This allows the ObjectServer to act as a simple
HTTP server that serves files from the local filesystem. The default is FALSE. |
| NHttpd.EnableHTTP TRUE | FALSE | -nhttpd_enablehttp TRUE | FALSE | Enables use of the HTTP port. The default is FALSE. |
| NHttpd.ExpireTimeout unsigned | -nhttpd_exptimeout unsigned | Specifies the maximum time, in seconds, that an
HTTP 1.1 connection remains idle before it is dropped. The default is 15. |
| NHttpd.ListeningHostname string | -nhttpd_hostname string | Specifies the listening host name or IP address
that can be used as the hostname part of a URI to the ObjectServer
HTTP or HTTPS interface. The default is localhost. |
| NHttpd.ListeningPort integer | -nhttpd_port integer | Specifies the port on which the ObjectServer listens
for HTTP requests. The default is 0. |
| NHttpd.NumWorkThreads integer | -nhttpd_numworkthrs integer | Specifies the number of threads in the client handling
thread pool. The default is 5. |
| NHttpd.SSLEnable TRUE | FALSE | -nhttpd_sslenable TRUE | FALSE | Enables the use of SSL support. The default is FALSE. |
| NHttpd.SSLListeningPort integer | -nhttpd_sslport integer | Specifies the port on which the ObjectServer listens
for HTTPS requests. The default is 0. |
| NHttpd.SSLCertificate string | -nhttpd_sslcert string | Specifies the name of the SSL certificate of the
server. The default is ''. |
| NHttpd.SSLCertificatePwd string | -nhttpd_sslcertpwd string | Note: This property is deprecated with Tivoli
Netcool/OMNIbus V8.1.
Setting this property has no effect.
|
| NRestOS.Enable TRUE | FALSE | -nrestosenable TRUE | FALSE | Enables the HTTP interface and the OSLC interface
to the ObjectServer. The default is FALSE, which means that the interfaces are disabled. |
| NRestOS.OSLCResourceConfigFile string | -nrestososlcrescfg string | The path to the OSLC resource configuration file.
This JSON file defines how columns from the ObjectServer schema are
mapped to properties in the OSLC event domain. The default is $OMNIHOME/etc/restos/resourcecfg.json. |
| OldTimeStamp TRUE | FALSE | -oldtimestamp TRUE | FALSE | Specifies the timestamp format to use in the log file. Set the value to TRUE to display the timestamp format that is used in Tivoli Netcool/OMNIbus V7.2.1, or earlier. For example: dd/MM/YYYY hh:mm:ss AM or dd/MM/YYYY hh:mm:ss PM when the locale is set to en_GB on a Solaris 9 computer. Set the value to FALSE to display the ISO 8601 format in the log file. For example: YYYY-MM-DDThh:mm:ss, where T separates the date and time, and hh is in 24-hour clock. The default is FALSE. |
| PA.Name string | -pa string | Sets the process control agent name. This name must consist of 29 or fewer uppercase letters and cannot begin with an integer. When an external procedure is run from an automation, the ObjectServer can start an external process. To start the process, the ObjectServer contacts a process control agent. The default name for the process control agent is NCO_PA. |
| PA.Password string | -papassword string | Specifies the password for the user connecting
to a process control agent to run external procedures in automations.
The default is ''. Note: If running external
procedures, the process control daemon must be able to authenticate
the user. Therefore, a valid combination, which can be authenticated
by the daemon, must be specified in the string values
for PA.Username and PA.Password properties.
Otherwise, the connection to the process control agent and the running
of the external procedure will fail.
|
| PA.Username string | -pausername string | Specifies the user name for connecting to a process
control agent to run external procedures in automations. A value must
be specified when the process control agent is running in secure mode.
The default is root. On Windows, specify the user name of a valid local account, domain account, or UPN account. On UNIX, any user who requires access to the process control system must be a member of a UNIX user group (default ncoadmin) that you identify as an administrative group for this purpose. Note that if using Pluggable Authentication Modules (PAM) for authentication, users do not have to be a member of a UNIX user group such as ncoadmin, to gain access to the process control system. |
| PasswordEncryption string | -pwdenc string | This property
defines the encryption scheme that is used to encrypt user passwords
that are stored in the ObjectServer. Possible values are as follows:
|
| PasswordFormat string | -pwdformat string | The property
defines the format of user passwords. It works only when the RestrictPasswords property
is set to TRUE. Specify the value of the this property as a colon-separated set of integer values. Each value defines a password requirement. The format is:min_len:alpha_num:digit_num:punct_numtwhere:
The default value of 8:1:1:0 indicates that a password must be at least 8 characters long, and contain at least 1 alphabetic character and at least one numeric character. The password need not contain any punctuation characters. Note: The minimum alphabetic,
numeric, and punctuation character requirements must be satisfied
within the number of characters specified by the minimum password
length. The default value of 8:1:1:0 must contain
1 alphabetic character and 1 numeric character in the first 8 characters
of the password string.
For example, if the property is set to 8:1:1:0 and a user specifies the password abcdefgh590675, the password is rejected because the first 8 characters contains no numeric characters. After this property is set, the ObjectServer validates all new or changed passwords against this requirement and passwords that do not meet the requirement are rejected. Existing passwords are not validated. |
| ProfileStatsInterval integer | -profilestatsinterval integer | Specifies the interval in seconds at which the profiler writes information to the profile log file. The default is 60 seconds. |
| Profile TRUE | FALSE | -profile | Controls ObjectServer profiling. If TRUE,
the amount of time it takes for clients to run SQL is logged to the
catalog.profiles table. The default is TRUE. The profile statistics are also logged to the file $NCHOME/omnibus/log/servername_profiler_report.logn every profile statistics interval. |
| Props.CheckNames TRUE | FALSE | N/A | When TRUE, the ObjectServer does not run if any specified property is invalid. The default is TRUE. |
| N/A | -propsfile string | Sets the ObjectServer properties file name. The default name is servername.props, where the servername is defined by the -name option. |
| RegexpLibrary string | -regexplib string | Defines which regular expression library to use
for the ObjectServer. Possible values are: NETCOOL and TRE. The default value of NETCOOL is useful for single-byte character processing and is provides optimal system performance. To enable the use of the extended regular expression syntax on single-byte and multi-byte character languages, set the value to TRE. This setting results in decreased system performance. |
| RestrictionFiltersAND TRUE | FALSE | -restrictfiltersand | Controls how user restriction filters and group
restriction filters are concatenated. This property is set for the
system and not per user, and changes to the property setting come
into effect only after you restart the ObjectServer. The values
for this property are as follows:
|
| RestrictionUpdateCheck TRUE | FALSE | -norestrictionupdatecheck | When FALSE, users with restriction filters applied can update alerts that will not appear in their view after the update. The default is TRUE. |
| RestrictPasswords TRUE | FALSE | -restrictpasswords TRUE | FALSE | When TRUE, the format specified by the PasswordFormat property is enforced. The default is FALSE. |
| RestrictProxySQL TRUE | FALSE | -restrictproxysql | When TRUE, connections from a
proxy server are restricted in the ObjectServer SQL commands that
can be run. The only modifications to ObjectServer data that can be
made are inserts into the alerts.status and alerts.details tables.
The default is FALSE. If FALSE, connections from a proxy server can run any ObjectServer SQL commands. |
| Sec.AuditLevel string | -secauditlevel string | Specifies the level of security auditing performed.
Possible values are debug, info, warn,
and error. The default is warn. The debug and info levels generate messages for authentication successes and failures, while warn and error levels generate messages for authentication failures only. |
| Sec.AuditLog string | -secauditlog string | Specifies the file to which audit information is written. The default is $NCHOME/omnibus/log/servername/audit.log. |
| Sec.ExternalAuthentication string | -authenticate string | Controls which authentication module is used to
authenticate users. The values are:
On UNIX and Linux, the default is PAM. On Windows, the default is none. |
| SecureMode TRUE | FALSE | -secure | Sets the security mode of the ObjectServer. If TRUE, the ObjectServer authenticates probe, gateway, and proxy server connection requests with a user name and password. Other client connection requests are always authenticated with a user name and password. |
| Store.LocalizedSort TRUE | FALSE | -storelocalesort | Defines whether localized sorting is enabled or
disabled. The default is FALSE, which disables localized sorting in favor of standard C library (libc) string comparisons. For example, Å will be treated as a variant of A and the two characters will sort near each other. Use this default setting for optimal system performance. Set the value to TRUE to enable localized sorting. For example, in a Danish locale, Å will be treated as a separate letter that sorts just after Z. Note that specifying this setting results in decreased system performance. |
| Store.LocalizedSortCaseSensitive string | -storecasesort string | Controls case sensitivity in localized sorting.
This property is applicable only when Store.LocalizedSort is TRUE. The values are:
The default is OFF. |
| UniqueLog TRUE | FALSE | -uniquelog | If TRUE, the log file is uniquely named by appending the process ID of the ObjectServer to the default log file name. For example, if the NCOMS ObjectServer is running as process 1234, the log file is named NCHOME/omnibus/log/ NCOMS.1234.log. The default is FALSE. If the MessageLog property is set to stderr or stdout, the UniqueLog property is ignored. |
| N/A |  |
Controls the encoding of data that is passed into, or generated by, this application on Windows. Set the value of -utf8enabled to TRUE to run the application in the UTF-8 encoding. The default is FALSE, which causes the default system code page to be used. Important: Although a UTF8Enabled property
is available, an attempt to enable UTF-8 encoding by setting this
property to TRUE has no effect. To run in a UTF-8
encoding on Windows, you
must always use the -utf8enabled command-line option.
Note: When running in UTF-8 encoding,
do not set the OldTimeStamp property to TRUE.
|
| WTPasswordCheck string | -wtpasswordcheck string | Controls how passwords are checked by the ObjectServer
when received from clients. This property is useful when ObjectServer
users are externally authenticated. Possible values for the property
are:
|
| N/A | -version | Displays version information for the ObjectServer and exits. |