diff --git a/UAG_Settings.json b/UAG_Settings.json index c972d9f..08b1e97 100644 --- a/UAG_Settings.json +++ b/UAG_Settings.json @@ -8,18 +8,36 @@ "deploymentOption": "onenic" }, "systemSettings": { - "locale": "en_US", "fipsEnabled": false, - "adminPassword": "*****", - "adminPasswordExpirationDays": 90, + "adminPasswordExpirationDays": 0, + "adminSessionIdleTimeoutMinutes": 10, + "adminMaxConcurrentSessions": 5, + "rootPasswordExpirationDays": 365, + "rootSessionIdleTimeoutSeconds": 300, + "osMaxLoginLimit": "10", + "monitoringUsersPasswordExpirationDays": 0, + "adminPasswordPolicySettings": { + "passwordPolicyMinLen": 8, + "passwordPolicyMinClass": 1, + "passwordPolicyDifok": 4, + "passwordPolicyUnlockTime": 5, + "passwordPolicyFailedLockout": 3 + }, + "passwordPolicySettings": { + "passwordPolicyMinLen": 6, + "passwordPolicyMinClass": 1, + "passwordPolicyUnlockTime": 900, + "passwordPolicyFailedLockout": 3 + }, "cipherSuites": "TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "sslProvider": "OPENSSL", "ssl30Enabled": false, "tls10Enabled": false, "tls11Enabled": false, "tls12Enabled": true, "tls13Enabled": true, - "sysLogType": "UDP", "healthCheckUrl": "/favicon.ico", + "enableHTTPHealthMonitor": false, "cookiesToBeCached": "none", "ipMode": "STATICV4", "sessionTimeout": 36000000, @@ -28,45 +46,65 @@ "authenticationTimeout": 300000, "quiesceMode": false, "monitorInterval": 60, + "samlCertRolloverSupported": false, "httpConnectionTimeout": 120, "tlsPortSharingEnabled": true, "uagName": "SrvUAG01", - "ceipEnabled": true, + "ceipEnabled": false, "adminCertRolledBack": false, - "clientConnectionIdleTimeout": 360, + "clientConnectionIdleTimeout": 0, "dns": "172.16.101.11 172.16.101.12", "dnsSearch": "pheros.local", "snmpEnabled": false, + "snmpSettings": { + "version": "V1_V2C" + }, + "hostClockSyncSupported": true, + "hostClockSyncEnabled": false, "clockSkewTolerance": 600, "maxConnectionsAllowedPerSession": 16, - "maxSystemCPUAllowed": 100 + "maxSystemCPUAllowed": 100, + "secureRandomSource": "Default", + "forcedRestart": false, + "coreDumpSettings": { + "maxSizeMb": 512, + "maxTimeSeconds": 0 + }, + "extendedServerCertValidationEnabled": false, + "unrecognizedSessionsMonitoringEnabled": true }, "edgeServiceSettingsList": { "edgeServiceSettingsList": [ { "enabled": true, "identifier": "VIEW", - "proxyDestinationUrl": "https://172.16.101.31", - "proxyDestinationUrlThumbprints": "sha256=B3 EA 33 8B FA B8 DD CB 50 FF B9 33 65 DE E4 51 41 1A 72 AD 56 D7 91 13 13 46 AC 7F 37 60 47 77, sha1=E9 B0 03 3C DD C5 CB D5 94 31 92 46 FB 9A C8 B6 93 69 B5 FE", + "proxyDestinationUrl": "https://172.16.101.31:443", + "proxyDestinationUrlThumbprints": "", "healthCheckUrl": "/favicon.ico", - "redirectHostMappingList": "", - "pcoipEnabled": true, - "pcoipExternalUrl": "90.68.98.162:4172", + "redirectHostPortMappingList": "", + "canonicalizationEnabled": false, + "hostRedirectionEnabled": true, + "pcoipEnabled": false, "blastEnabled": true, "blastExternalUrl": "https://horizon.pheros.es:8443", + "blastReverseConnectionEnabled": false, + "blastAllowedHostHeaderValues": "", "tunnelEnabled": true, "tunnelExternalUrl": "https://horizon.pheros.es:6443", - "proxyPattern": "(/|/view-client(.*)|/portal(.*)|/appblast(.*))/|/downloads(.*)", + "proxyPattern": "(/|/view-client(.*)|/portal(.*)|/downloads(.*))", "smartCardHintPrompt": false, - "matchWindowsUserName": false, + "matchWindowsUserName": true, "gatewayLocation": "External", "windowsSSOEnabled": false, "logoutOnCertRemoval": false, "udpTunnelServerEnabled": true, "queryBrokerInterval": 300, "disableHtmlAccess": false, + "complianceCheckOnAuthentication": true, "proxyDestinationIPSupport": "IPV4", + "clientEncryptionMode": "ALLOWED", "radiusClassAttributeList": "", + "foreverAppsEnabled": true, "pcoipDisableLegacyCertificate": false, "securityHeaders": { "Strict-Transport-Security": "max-age=31536000", @@ -75,7 +113,10 @@ "Content-Security-Policy": "default-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';img-src 'self' blob: data:", "X-Frame-Options": "SAMEORIGIN" }, - "rewriteOriginHeader": false + "minSHAHashSize": "Default", + "proxyDestinationPreLoginMessageEnabled": true, + "rewriteOriginHeader": true, + "enableClientCertEkuCheck": false } ] }, @@ -86,7 +127,17 @@ "kerberosKeyTabSettings": [] }, "kerberosRealmSettingsList": { - "kerberosRealmSettingsList": [] + "kerberosRealmSettingsList": [ + { + "name": "PHEROS.LOCAL", + "kdcHostNameList": [ + "172.16.101.11", + "172.16.101.12" + ], + "kdcTimeout": 3, + "noOfWRPsUsingThisRealm": -1 + } + ] }, "certificateWrapper": null, "certificateWrapperAdmin": null, @@ -102,7 +153,9 @@ "pfxCertStoreWrapper": null, "pfxCertStoreWrapperAdmin": null, "idpMediaType": null, - "customBrandingSettings": null, + "customBrandingSettings": { + "customBrandingList": null + }, "idPExternalMetadataSettingsList": { "idPExternalMetadataSettingsList": [] }, @@ -113,8 +166,37 @@ "jwtSettingsList": { "jwtSettingsList": [] }, - "workspaceOneIntelligenceSettings": null, + "jwtIssuerSettingsList": { + "jwtIssuerSettingsList": [] + }, + "workspaceOneIntelligenceSettingsList": { + "workspaceOneIntelligenceSettingsList": [] + }, + "workspaceOneIntelligenceDataSettings": null, + "outboundProxySettingsList": { + "outboundProxySettingsList": [] + }, "ocspSigningCertList": { "ocspSigningCerts": null + }, + "packageUpdatesSettings": null, + "adminUsersList": { + "adminUsersList": [ + { + "name": "letsencrypt", + "enabled": true, + "adminMonitoringPasswordPreExpired": false + } + ] + }, + "customExecutableList": { + "customExecutableList": [] + }, + "syslogSettings": { + "syslogServerSettings": null + }, + "adminSAMLSettings": null, + "securityAgentSettingsList": { + "securityAgentSettingsList": [] } } \ No newline at end of file