# Global Settings ## Global Global value settings for some retentions and schedules: ![](https://content.gitbook.com/content/0FWMFN0y1yUTAd3cSRaK/blobs/cf5D5Y6F8u4el2hjCr85/administration-settings-global_settings-global.png) * `Node status update interval` - how often nodes should update their status * `Backup history retention` - how long should the history of backups be kept (even removed from backup provider) * `Task retention (in console)` - how long finished/failed tasks should be kept in the console in UI/CLI * `Periodic inventory synchronizarion interval` - how oftenStorware Backup & Recovery should scan for changes in VM inventory on HV/HVMs and Microsoft 365 users accounts, sites, and teams * `Old backups removal time` - time, when daily backup destination cleanup should be invoked (for all backup destinations) * `Old snapshots removal time` - time, when daily snapshots cleanup should be invoked (for all VMs with any policy assigned) * `Session timeout [min]` - Session timeout \[min] - the time after which you will be logged out of the WebUI * `Default paging size` - Default value of items shown on lists * `Format time` - you can choose between 12h and 24h time format ## E-mail Email configuration for reports purposes ![](https://content.gitbook.com/content/0FWMFN0y1yUTAd3cSRaK/blobs/luVqF2WzUVsk5ai8FxPG/administration-settings-global_settings-email.png) * `Sender e-mail` - address from which should e-mail be sent * `SMTP server` - SMTP server address * `SMTP port` - SMTP server port * `SMTP SSL port` - SMTP SSL port (if enabled) * `SMTP user` - SMTP account used to send e-mails * `E-mail recipients (comma-separated)` - list of recipients of daily backup report * `Daily backup report (sending time)` - a time when a daily backup report should be sent * `Daily backup report` - sending time for summary report * `Enable virtual environment/application grouping` - you can group the environment by selected parameter ## License This section enables you to view the current license status and upload a new license if necessary. {% hint style="info" %} **Note:** Make sure you have added the license to Storware Backup & Recovery with Storware Endpoints while logged in as kodoadmin {% endhint %} ![](https://content.gitbook.com/content/0FWMFN0y1yUTAd3cSRaK/blobs/ZH4dpWOt1Rg42udnomjP/administration-settings-global_settings-license.png) License details: * `MAX_xxx_HOSTS` - maximum number of hosts for a given platform * `BP_xxx` - maximum number of backup destinations per backup provider type * `EXPIRE_DATE` - trial period expiration date ## Authentication This section enables you to set up single sign-on between Keycloak or LDAP, and product. This section assume you have installed and are using Keycloak or LDAP. In each of the configurations, you can select a group to which the user will be automatically assigned. ### Keycloak {% hint style="info" %} **Note:** Supported Keycloak versions: 15.1 and newer {% endhint %} * `Server URL` - Keycloak server URL (if you want to use fqdn of server url you need to use DNS on Server machine or add line in `/etc/hosts`, in example: '1.2.3.4 dc.fqdn.address') * `Realm` - Name of the realm configured in Keycloak * `Resource` - Name of the client configured in keycloak * `Secret` (optional) - Credential secret, if configured in Keycloak ![](https://github.com/Storware/backup-and-recovery-manual/blob/master/.gitbook/assets/administration-settings-global_settings-authenticatio_keycloak.png) {% hint style="info" %} To login via Storware Backup & Recovery login screen (e.g. if the keycloak server dies) add `#/login-sbr` at the end of the URL - `http(s)://SERVER_IP/#/login-sbr` {% endhint %} ### LDAP {% hint style="info" %} **Note:** * accounts will be added to Storware Backup & Recovery automatically with the first successful login * all LDAP variables are case sensitive {% endhint %} * `Server URL` - LDAP server URL (if you want to use fqdn of server url you need to use DNS on Server machine or add line in `/etc/hosts`, in example: '1.2.3.4 dc.fqdn.address') * `Base DN` - Base DN (Distinguished Name) that needs to be searched (it need full chain to OU with Users which you want to log into) * `User filter` - filter to be used to authenticate only users in a specific group: ![](https://content.gitbook.com/content/0FWMFN0y1yUTAd3cSRaK/blobs/WCJWlYCa1Qhh2ygwzEvN/administration-settings-global_settings-authentication.png) In example: ``` (&(mail={user})(memberOf=CN=Domain Admins,CN=Users,DC=example,DC=com)) ``` Filter is combined from two sections: * First section - `(mail={user})` - is a variable from LDAP account, which will be use as login * Second section - `(memberOf=CN=Domain Admins,CN=Users,DC=example,DC=com)` - is a actual filter, which define who can log into WebUI, you need to define here variable name and DN of specific variable Explanation of other options: * `Enable LDAP subtree search` - when disabled, only 1 level below base DN is being searched * `Use SSL` - enables SSL for LDAP connection ('ldaps\://') * `Use TLS` - enables TLS for LDAP connection * `Anonymous access allowed` - if users are not allowed to anonymously browse LDAP directory you need to provide an account that has that privilege: * `Service account DN` - DN of the user * `Service account password` - password of that user