Global Settings

Global

Global value settings for some retentions and schedules:

  • Node status update interval - how often nodes should update their status

  • Backup history retention - how long should the history of backups be kept (even removed from backup provider)

  • Task retention (in console) - how long finished/failed tasks should be kept in the console in UI/CLI

  • Periodic inventory synchronizarion interval - how oftenStorware Backup & Recovery should scan for changes in VM inventory on HV/HVMs and Microsoft 365 users accounts, sites, and teams

  • Old backups removal time - time, when daily backup destination cleanup should be invoked (for all backup destinations)

  • Old snapshots removal time - time, when daily snapshots cleanup should be invoked (for all VMs with any policy assigned)

  • Session timeout [min] - Session timeout [min] - the time after which you will be logged out of the WebUI

  • Default paging size - Default value of items shown on lists

  • Format time - you can choose between 12h and 24h time format

E-mail

Email configuration for reports purposes

  • Sender e-mail - address from which should e-mail be sent

  • SMTP server - SMTP server address

  • SMTP port - SMTP server port

  • SMTP SSL port - SMTP SSL port (if enabled)

  • SMTP user - SMTP account used to send e-mails

  • E-mail recipients (comma-separated) - list of recipients of daily backup report

  • Daily backup report (sending time) - a time when a daily backup report should be sent

  • Daily backup report - sending time for summary report

  • Enable virtual environment/application grouping - you can group the environment by selected parameter

License

This section enables you to view the current license status and upload a new license if necessary.

Note: Make sure you have added the license to Storware Backup & Recovery with Storware Endpoints while logged in as kodoadmin

License details:

  • MAX_xxx_HOSTS - maximum number of hosts for a given platform

  • BP_xxx - maximum number of backup destinations per backup provider type

  • EXPIRE_DATE - trial period expiration date

Authentication

This section enables you to set up single sign-on between Keycloak or LDAP, and product. This section assume you have installed and are using Keycloak or LDAP.

In each of the configurations, you can select a group to which the user will be automatically assigned.

Keycloak

Note: Supported Keycloak versions: 15.1 and newer

  • Server URL - Keycloak server URL (if you want to use fqdn of server url you need to use DNS on Server machine or add line in /etc/hosts, in example: '1.2.3.4 dc.fqdn.address')

  • Realm - Name of the realm configured in Keycloak

  • Resource - Name of the client configured in keycloak

  • Secret (optional) - Credential secret, if configured in Keycloak

To login via Storware Backup & Recovery login screen (e.g. if the keycloak server dies) add #/login-sbr at the end of the URL - http(s)://SERVER_IP/#/login-sbr

LDAP

Note:

  • accounts will be added to Storware Backup & Recovery automatically with the first successful login

  • all LDAP variables are case sensitive

  • Server URL - LDAP server URL (if you want to use fqdn of server url you need to use DNS on Server machine or add line in /etc/hosts, in example: '1.2.3.4 dc.fqdn.address')

  • Base DN - Base DN (Distinguished Name) that needs to be searched (it need full chain to OU with Users which you want to log into)

  • User filter - filter to be used to authenticate only users in a specific group:

In example:

(&(mail={user})(memberOf=CN=Domain Admins,CN=Users,DC=example,DC=com))

Filter is combined from two sections:

  • First section - (mail={user}) - is a variable from LDAP account, which will be use as login

  • Second section - (memberOf=CN=Domain Admins,CN=Users,DC=example,DC=com) - is a actual filter, which define who can log into WebUI, you need to define here variable name and DN of specific variable

Explanation of other options:

  • Enable LDAP subtree search - when disabled, only 1 level below base DN is being searched

  • Use SSL - enables SSL for LDAP connection ('ldaps://')

  • Use TLS - enables TLS for LDAP connection

  • Anonymous access allowed - if users are not allowed to anonymously browse LDAP directory you need to provide an account that has that privilege:

    • Service account DN - DN of the user

    • Service account password - password of that user

Last updated