You are browsing the documentation for iTop 3.0 which is not the current version.

Consider browsing to iTop 3.2 documentation

Configuration Parameters

Overview

Located in the the conf/production directory, the file itop-config.php contains all the configuration parameters of iTop. This file is created during the setup, and updated upon upgrade.

If you have done some modifications to the settings, please backup this file prior to executing an upgrade, because the file will be generated again by the upgrade program. For example, comments will be lost.

The configuration file contains the following sections:

  • MySettings: contains iTop settings. Some settings are not visible in the file generated by the installation program. These are settings for troubleshooting or disabling some features (workaround for complex integrations).
  • MyModuleSettings: contains module settings.
  • MyModules: lists the PHP files to include. It is a way to disable -temporarily- an installed feature. Depending on your need for language support, you might comment out some lines. This can speedup significantly the execution of every single iTop page. Please note that those changes will be lost when upgrading iTop.

Risk mitigation

Since the iTop configuration is stored - and processed - as a PHP document, PHP code injection is possible via the configuration editor. If you think that letting iTop administrators interactively edit the configuration file is too risky (for example if iTop is installed on a server shared with other applications), you can completely disable the interactive configuration editor. To disable the interactive editor, set the following configuration parameter (in the 'module_settings' section of the configuration file):

conf/production/config-itop.php
'itop-config' => array( 
    'config_editor' => 'disabled', 
)

MySettings

A

Parameter Type Visible ? Description Default Value
access_message string Yes Message displayed to the users when there is any access restriction iTop is temporarily frozen, please wait… (the admin team)
access_mode integer Yes Flags (ACCESS_READONLY =0 , ACCESS_ADMIN_WRITE =2 or ACCESS_FULL =3) New in 2.7.0 - A setup force the value to ACCESS_FULL 3
activity_panel.datetimes_reformat_limit integer No New in 3.0.0 - Limit (in days) for the dates / times to be displayed in a relative format (eg. “2 days ago”) instead of in absolute format (eg. “2021-05-01 10:00”). After that limit, they will all be displayed in absolute format using the “date_and_time_format” parameter. 7
activity_panel.entry_form_opened_by_default bool No New in 3.0.0 - Whether or not the new entry form will be automatically opened when viewing an object false
activity_panel.lock_watcher_period integer No New in 3.0.0 - Period (in second) between lock status update. 30
activity_panel.prefilter_only_current_log bool No New in 3.0.0 - Whether the “Logs” filter should only be set to the log from the current tab or to all of them. true
activity_panel.prefilter_state_changes_on_logs bool No New in 3.0.0 - Whether the “State changes” filter should be set by default on all log tabs. false
activity_panel.prefilter_edits_on_logs bool No New in 3.0.0 Whether the “Edits” filter should be set by default on all log tabs. false
activity_panel.hide_avatars array No New in 3.0.0 - GUIs IDs (“backoffice”, “itop-portal” for the standard end-users portal, …) in which the user avatars should be hidden and replaced if possible by their initials (eg. array(“backoffice”, “itop-portal”, “another-portal-id”))
activity_panel.show_author_name_below_entries bool Yes New in 3.0.0 - Whether or not to show the author friendlyname next to the date on the last entry false

Ad-B

Parameter Type Visible ? Description Default Value
addon_list array Yes Automatically populated by the installation process
allow_menu_on_linkset bool No New in 2.4.0 - Display Action menus (including creation) in view mode on any LinkedSet with edit_mode != none false
allow_rest_services_via_tokens bool No New in 3.0.3 RestProfile are not mandatory anymore to reach and use Rest APIs or Data synchro CLI scripts. you can do it through PersonalTokens by using iTop below option. this means bypassing secure_rest_services option via PersonalToken access. false
allow_target_creation bool No Displays the + button on external keys to create target objects true
allowed_login_types string Yes The list (and in which order) of authentication methods that the application allows. The value is a combination of form,cas,basic,external,url form,basic,external
apc_cache.enabled bool Yes If set, the APC cache is allowed (the PHP extension must also be active) true
apc_cache.query_ttl integer Yes Time to live set in APC for the prepared queries (seconds - 0 means no timeout) 3600
app_env_label string No Label displayed to describe the current application environnment, defaults to the environment name (e.g. “production”)
app_icon_url string No Hyperlink to redirect the user when clicking on the application icon (in the main window, or login/logoff pages) http://www.combodo.com/itop
app_root_url string Yes Root URL used for navigating within the application, or from an email to the application (you can put $_SERVER_NAME$ or $SERVER['xx'] as a placeholder for the server's name)
Warning : after modifying this parameter value, you must run a setup !
for instance:
'app_root_url' => 'http://$SERVER_NAME$/itop/',
or
'app_root_url' => 'http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'itop.domain.com') . '/',
application_list array Yes Automatically populated by the installation process
async_task_retries array No Automatic retries of asynchronous tasks in case of failure (per class). The format of each entry is 'AsyncTaskClassName' => array('max_retries' => number, 'retry_delay' => number, exponential_delay => true or false ). See more details below. Array
backoffice_default_theme string No New in 2.7.0 - Theme used for iTop's console. light-grey
behind_reverse_proxy bool Yes New in 2.7.4 - If true, then proxies custom header (X-Forwarded-*) are taken into account. Use only if the webserver is not publicly accessible, so reachable only through a reverse proxy and check reverse-proxy setting false
buttons_position string Yes Deprecated in 3.0.0 Position of the forms buttons: bottom , top , both both
breadcrumb.enabled bool No ther or not the breadcrumbs is enabled true
breadcrumb.max_count integer No Maximum number of items kept in the history breadcrumb. Set it to 0 to entirely disable the breadcrumb. 8

C

Parameter Type Visible ? Description Default Value
compatibility.include_moved_js_files bool No New in 3.0.0 - Include back previous iTop version JS files which are now only included when necessary to ease usage of not migrated extensions false
compatibility.include_deprecated_js_files bool No New in 3.0.0 - Include previous iTop version deprecated JS files to ease usage of not migrated extensions false
compatibility.include_moved_css_files bool No New in 3.0.0 - Include back previous iTop version CSS files which are now only included when necessary to ease usage of not migrated extensions false
compatibility.include_deprecated_css_files bool No New in 3.0.0 - Include previous iTop version deprecated CSS files to ease usage of not migrated extensions false
complex_actions_limit integer No Display the “actions” menu items that require long computation only if the list of objects is contains less objects than this number (0 means no limit) 50
concurrent_lock_enabled bool No Whether or not to enable the locking mechanism to prevent concurrent interactive modifications false
concurrent_lock_expiration_delay int No The delay (in seconds) for a lock to expire (in case of a crash of the web browser or a loss of connection). While editing an object, the browser will call the server twice during this interval. Minimum value is 15s. Lower values provide a more responsive user interface but increase the load on the server and the network traffic. 120
concurrent_lock_override_profiles array No The list of profiles which are allowed to “kill” a lock. The value is an array of profile names array('Administrator')
config_editor string No Disable the interactive configuration editor
cron_max_execution_time integer Yes Duration (seconds) of the cron.php script : if exceeded the script will exit even if there are remaining tasks to process. Must be shorter than php max_execution_time setting (note than when using CLI, this is set to 0 by default which means unlimited). If cron.php is ran via web, it must be shorter than the web server response timeout. 600
cron_task_max_execution_time integer No New in 3.0.1 Background tasks will use this value (integer) multiplicated by its periodicity (in seconds) as max duration per cron execution. 0 is unlimited time 0
cron_sleep integer No Duration (seconds) before cron.php checks again if something must be done 2
csv_file_default_charset string Yes Character set used by default for downloading and uploading data as a CSV file. Warning: it is case sensitive (uppercase is preferable). ISO-8859-1
csv_import_charsets array Yes An array of character sets names to be added to the ones offered by the CSVImport menu item. Add your own charsets definitions here if the standard list does not fit your needs.
csv_import_creations_percentage integer No Percentage of creations that trigger a confirmation in the CSV import 50
csv_import_errors_percentage integer No Percentage of errors that trigger a confirmation in the CSV import 50
csv_import_history_display bool Yes Display the history tab in the import wizard false
csv_import_min_object_confirmation integer No Minimum number of objects to check for the confirmation percentages 3
csv_import_modifications_percentage integer No Percentage of modifications that trigger a confirmation in the CSV import 50

D

Parameter Type Visible ? Description Default Value
datamodel_list array Yes Automatically populated by the installation process
date_and_time_format array Yes The date/time format to use when displaying date and times in iTop see below
db_host string Yes Name of the host for the MySQL database server. (e.g. localhost, 192.168.10.234, mydbserver.demo.com, etc.). Can also contain the port (host:port, for exemple localhost:3306). Use p: prefix (for exemple p:localhost:3306) to use persistent connexions (not recommended by Combodo, use at your own risks !)
db_name string Yes Name of the MySQL database
db_user string Yes User to connect to the MySQL server
db_pwd string Yes Password to connect to the MySQL server
db_subname string Yes Prefix of the tables in the MySQL database
db_tls.enabled boolean No If enabled then the connection to the MySQL server will be encrypted using TLS. See Connect to MySQL using TLS false
db_tls.ca string No Path to certificate authority file for SSL. If present then connection to MySQL will be made using the flag MYSQLI_CLIENT_SSL, otherwise it will use MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
deadline_format string Yes The format used for displaying “deadline” attributes: any string with the following placeholders: $date$, $difference$ $difference$
debug_report_spurious_chars bool No Report, in the error log, the characters found in the output buffer, echoed by mistake in the loaded modules, and potentially corrupting the output false
default_language string Yes The default language for the application, used for the login/logout pages. (Selected during the installation) EN US
demo_mode bool No Set to true to prevent users from changing passwords/languages false
developer_mode.enabled bool No New in 3.0.0 - If true then unlocks dev env functionalities, see \utils::IsDevelopmentEnvironment null
dictionary_list array Yes Automatically populated by the installation process
disable_mandatory_ext_keys bool No For developpers: allow every external keys to be undefined false
draft_attachments_lifetime integer No New in 2.5.0 - Lifetime (in seconds) of drafts' attachments and inline images. When creating InlineImage, an expire time is set : current time + this parameter value. A background process will delete every expired object. 86400

E

Parameter Type Visible ? Description Default Value
email_asynchronous bool Yes If set, the emails are sent off line, which requires cron.php to be activated. Exception: some features like the email test utility will force the serialized mode false
email_css string No CSS that will be applied to the contents of the email. See css/email.css for an example (optional) .caselog_header {color: red;}
email_default_sender_address string Yes New in 2.5.0 - Email used as the sender, when none specified. eg. Test notification, synchro error,… are sending emails using this default. empty
email_default_sender_label string Yes New in 2.5.0 - Label used for sender, when none specified. empty
email_transport string Yes Mean to send emails: PHPMail (uses the function mail()) or SMTP (implements the client protocole) PHPMail
email_transport_smtp.encryption string No tls or ssl (optional)
email_transport_smtp.host string No host name or IP address (optional) localhost
email_transport_smtp.password string No Authentication password (optional)
email_transport_smtp.port integer No port number (optional) 25
email_transport_smtp.username string No Authentication user (optional)
email_validation_pattern string Yes Regular expression for validating email addresses [a-zA-Z0-9._&'-]+@[a-zA-Z0-9.-]+\.[a-zA-Z0-9-]{2,}
email_decoration_class string No New in 2.5.0 - CSS class(es) to use as decoration for the HTML rendering of the attribute. eg. “fa fa-envelope” will put a mail icon fa fa-envelope
encryption_key string Yes An encryption key used for encrypting secured fields. (see encrypt data) @iT0pEncr1pti0n!
encryption_library string Yes New in 2.6.0 - Library name that will be used to encrypt data Sodium
export_pdf_font string No New in 2.7.0 - see PR #49 - Font set in PDF generated by iTop. Can be one of the default TCPDF font, or DroidSansFallback (better CJK support) DejaVuSans

F-L

Parameter Type Visible ? Description Default Value
fast_reload_interval integer Yes The duration (in seconds) between two reloads of a list resulting of an OQLMenu, if the XML tag auto_reload is set to fast 60
force_transition_confirmation bool No Since 3.0.0 - the console behave as the User Portal: transitions without prompted fields do not display a confirmation screen. If you want back in the console, the previous behavior, set this flag to true false
forgot_password bool No Enable the “Forgot password” feature true
forgot_password_from string No Sender email address for the “forgot password” feature. If empty, defaults to the recipient's email address. empty
full_text_accelerators array No Specifies classes to be searched at first (and the subset of data) when running the full text search. A PHP array, as described in section full_text_accelerators
full_text_chunk_duration integer No Delay after which the results are displayed. 2
full_text_needle_min integer No Minimum size of the full text needle. 3
global_search.enabled bool No New in 3.0.0 - Whether or not the global search is enabled true
global_search.show_history bool No New in 3.0.0 - Whether or not to display the elements in the history true
global_search.max_history_results integer No New in 3.0.0 - Max. number of elements in the history 10
graphviz_path string Yes Path to the Graphviz “dot” executable for displaying impact analysis and objects lifecycle /usr/bin/dot
high_cardinality_classes array No New in 2.5.0 - classes with a lot of objects, automated search is disabled for them empty
html_sanitizer string No Allow to disable the HTML sanitizing, done by iTop for security reason. Usage of the parameter is strongly discouraged HTMLDOMSanitizer
impact_analysis_first_tab string No Which tab to display first in the impact analysis view: list or graphics. Graphics are nicer but slower to display when there are many objects graphics
impact_analysis_lazy_loading bool No New in 2.7.7 and 3.0.1 - in the impact analysis view: if set to true asks to filter before displaying the analysis false
inline_image_max_display_width integer Yes The maximum width (in pixels) to display inline images (inside formatted text fields and case logs). Images will be shrinked to this limit when displaying (with a magnifier cursor when moving the mouse over them) 600
inline_image_max_storage_width integer Yes The maximum width (in pixels) for uploaded images inside formatted text fields and case logs. images larger than this limit will be downsampled before being stored in the database. 1600
link_set_attribute_qualifier string Yes Link set from string: attribute qualifier (encloses both the attcode and the value) '
link_set_attribute_separator string Yes Link set from string: attribute separator ;
link_set_item_separator string Yes Link set from string: line separator ,
link_set_value_separator string Yes Link set from string: value separator (between the attcode and the value itself :
link_set_max_edit_ext_key integer Yes New in 3.0.3-1 Maximum number of items in the link that allow editing the remote external key. Above that limit, remote external key cannot be edited. Mind that setting this limit too high can have a negative impact on performances. 50

Log

Parameter Type Visible ? Description Default Value
login_debug bool No If set to true (or 1), it logs debug info during login, more info here false
log_global bool Yes If set to true (or 1), it logs events for active logs specified with the other log_…. parameters true
log_issue bool Yes If set to true (or 1), then internal errors (or some usage errors) will be traced both into <iTopLog>/error.log (destination file could not be changed) and the DB (OQL: SELECT EventIssue) true
log_filename_builder_impl string No New in 2.7.0 - Rotation policy for log files. Choose an implementation of iLogFileNameBuilder (one of : DefaultLogFileNameBuilder, DailyRotatingLogFileNameBuilder, WeeklyRotatingLogFileNameBuilder, MonthlyRotatingLogFileNameBuilder). Use empty value or 'DefaultLogFileNameBuilder' to have no rotation.

See iTop logs
MonthlyRotatingLogFileNameBuilder
log_kpi_duration integer No Level of logging for troubleshooting performance issues (1 to enable, 2 +blame callers starting 2.0.3) 0
log_kpi_slow_queries float No New in 2.7.0 - Display only KPI lasting more than this parameter (in seconds). 0 means all KPI are displayed. 1
log_kpi_memory integer No Enable logging for troubleshooting memory limit issues (0 or 1) 0
log_kpi_user_id string No Log KPI for a single login (* means all users) - A login is expected not a user_id :-( *
log_level_min array No New in 2.7.0 - Filter the logs. This is an array of channel => level defining the minimal level per channel. If not configured, channels default level is Info.

See iTop logs
“”
log_level_min.write_in_db array No New in 3.0.0 - Filter the logs written in database. This is an array of channel => level defining the minimal level per channel.

See database and exceptions_logging
“”
log_notification bool Yes If set to true (or 1), then notifications sent my the mean of the Trigger/Actions will be recorded into the DB (OQL: SELECT EventNotification) true
log_usage bool No Log the usage of the application (i.e. the date/time and the user name of each login). To see the results: SELECT EventLoginUsage false
log_rest_service bool No Log the usage of the REST/JSON service (OQL: SELECT EventRestService) false
log_web_service bool Yes If set to true (or 1), then usage of the SOAP service(s) will be recorded into the DB (OQL: SELECT EventWebService) true

M-N

Parameter Type Visible ? Description Default Value
max_combo_length integer No The maximum number of elements in a drop-down list. If more then an autocomplete will be used 50
max_display_limit integer Yes The maximum number of items that a list can display at once. Above this number, the first “min_display_number” items are displayed, the rest requires to go to following pages 30
max_execution_time_per_loop integer No The max_execution_time allocated for each loop when performing bulk operations (bulk import, bulk delete, synchro_import.php, …). Zero means 'no limit'. 30
max_history_length integer No Maximum number of “State changes” and “Edits” entries in the activity panel. Latest modifications are displayed first, if any previous entries exist they can be loaded through a “More” button at the bottom. 200
max_history_case_log_entry_length integer No Deprecated in 3.0.0 The length (in number of characters) at which to truncate the (expandable) display (in the history) of a case log entry. If zero, the display in the history is not truncated. 60
max_linkset_output integer Yes Maximum number of items shown when getting a list of related items in an email, using the form $this→some_list$. 0 means no limit. 100
min_autocomplete_chars integer No The minimum number of characters to type in order to trigger the “autocomplete” behavior 2
max_autocomplete_results integer No New in 3.0.0 - The maximum number of result elements to display, no matter the total number of results 150
min_display_limit integer Yes The number of items to display per page when pagination is used. Pagination is used only when total count is above “max_display_limit” 20
min_reload_interval integer No Minimum interval (seconds) than can be specified for the automatic refresh of dashboards, shortcuts, etc. Even if the interval is set programmatically, it is forced to that minimum 5
module_settings array Yes Automatically populated by the installation process
mentions.allowed_classes array Yes New in 3.0.0 Classes which can be mentioned through the autocomplete in the logs. Key of the array must be a single character that will trigger the autocomplete, value must be a DM class (eg. “@” => “Person”, “?” => “FAQ”)) '@' => 'Person'
navigation_menu.show_menus_count bool No New in 3.0.0 - Display counters in menus for OQL entries true
newsroom_enabled bool No New in 2.6.0 - Set this parameter to false to completely disable the Newsroom feature for all users. true

O-R

Parameter Type Visible ? Description Default Value
obsolescence.show_obsolete_data bool No Default value for the user preference “Show obsolete data” false
obsolescence.date_update_interval int No Delay in seconds between two refreshes of the obsolescence dates. 600
online_help string Yes Hyperlink to the online-help web page http://www.combodo.com/itop-help
password_hash_algo string No New in 3.0.0 - Algorithm used to hash password values can be : https://www.php.net/manual/en/password.constants.php PASSWORD_DEFAULT
phone_number_validation_pattern string No New in 2.5.0 - Regular expression to validate/detect the format of a phone number [0-9.\-\ \+\(\)]+
phone_number_url_pattern string No New in 2.5.0 - Format for phone number url, use %1$s as a placeholder for the value. eg. “tel:%1$s” for regular phone applications or “callto:%1$s” for Skype. Default is “tel:%1$s” tel:%1$s
phone_number_decoration_class string No New in 2.5.0 - CSS class(es) to use as decoration for the HTML rendering of the attribute. eg. “fa fa-phone” will put a phone icon fa fa-phone
php_path string Yes Path to the php executable in CLI mode php
portal_dispatch_urls array No Associative array of sPortalId => Home page URL (relatively to the application root)
query_indentation_enabled bool No For developers: format the SQL queries for human analysis false
quick_create.enabled bool No New in 3.0.0 - Whether or not the quick create is enabled true
quick_create.max_autocomplete_results integer No New in 3.0.0 - Max. number of elements returned by the autocomplete 10
quick_create.show_history bool No New in 3.0.0 - Whether or not to display the elements in the history true
quick_create.max_history_results integer No New in 3.0.0 - Max. number of elements in the history 10
regenerate_session_id_enabled bool false New in 2.7.0 - If true, session id wil be regenerated on each user login to prevent session fixation attacks.
The session regeneration is made using the session_regenerate_id PHP function. In 2.7.0 and 2.7.1 the call is made without parameter, beginning with 2.7.2 we are passing true as parameter.
true
relations_max_depth integer No Maximum number of successive levels (depth) to explore when displaying the impact/depends on relations. The default value, used for backward compatibility (20), means a depth of twenty levels, which is huge. For large data sets it may be wise to limit this value to 4/5 levels. 20

S-T

Parameter Type Visible ? Description Default Value
search_manual_submit bool No New in 2.5.0 - Fine tuned how the search behaves, automatically on first criteria setting (default) or manually with Magnifier icon. For a manual search on some classes only, use instead the parameter high_cardinality_classes false
secure_connection_required bool Yes Whether or not the application is allowed to run on a non-secure (i.e. non HTTPS) connection false
secure_rest_services bool No New in 2.5.0 - When set to 'true', the access to the REST web services is limited to user accounts having the profile REST Services User. Any other value will disable this verification and let any valid user access the REST web services, as in pre-2.5.0 versions of iTop. true
security_header_xframe string No New in 2.7.2-2 - Value of the X-Frame-Options HTTP header sent by iTop SAMEORIGIN
security.disable_inline_documents_sandbox bool No New in 2.7.6 - If true then the sandbox for documents displayed in a browser tab will be disabled; enabling scripts and other interactive content. Note that setting this to true will open the application to potential XSS attacks! false
security.hide_administrators bool No New in 3.0 - If true then administrator accounts, the Administrator profile and the links between administrator accounts and their profiles are hidden to non-admin users. false
session_name string Yes The name of the cookie used to store the PHP session id iTop
shortcut_actions string Yes Specify actions extracted from “Actions” menu and displayed as separated buttons. Comma separated action ids. The id of a transition menu is the stimulus code (eg. ev_assign). For an object copier action, the id is object_copier_X where X is the entry in the array, usually a number. This does only apply to the Console. If the action has an icon, it is displayed without label. UI:Menu:Modify, UI:Menu:New
skip_check_ext_keys bool No Disable external key check when checking the value of attributes false
skip_check_to_write bool No Disable data format and integrity checks to boost up data load (insert or update) false
skip_strong_security bool No Disable strong security - TEMPORY: this flag should be removed when we are more confident in the recent change in security true
source_dir string Yes Source directory for the datamodel files. (which gets compiled to env-production).
standard_reload_interval integer Yes The duration (in seconds) between two reloads of a list resulting of an OQLMenu, if the XML tag auto_reload is set to “standard” 300
synchro_prevent_delete_all bool No Stop the synchro if all the replicas of a data source become obsolete at the same time. true
svg_sanitizer string No Class to use for SVG sanitization. Must extends HTMLSanitizer. SvgDOMSanitizer
synchro_trace string Yes Synchronization details: none, display, save (includes 'display'). When save, traces are stored in SynchroLog class. none
tag_set_item_separator string Yes New in 2.6.0 - Tag set from string: tag separator |
timezone string Yes Timezone (reference: http://php.net/manual/en/timezones.php). If empty, it will be left unchanged and MUST be explicitely configured in PHP Europe/Paris
tracking_level_linked_set_default integer No Default tracking level if not explicitly set at the attribute level, for AttributeLinkedSet (defaults to NONE in case of a fresh install, LIST otherwise - this to preserve backward compatibility while upgrading from a version older than 2.0.3 - see TRAC #936) 1
tracking_level_linked_set_indirect_default integer No Default tracking level if not explicitly set at the attribute level, for AttributeLinkedSetIndirect 3
transaction_storage string No Mechanism for storing the transaction identifiers. Possible values: File or Session. Use File if you are using non locking mechanism like memcache for storing the session information. Since iTop 2.6 the default value is File, before it was Session File
transactions_gc_threshold integer No New in 2.7.4 - Probability in percent for the garbage collector of the transaction identifiers to be triggered (100 mean always). 10

U-Z

Parameter Type Visible ? Description Default Value
url_validation_pattern string Yes Regular expression to detect URL pattern in Text attribute as well as validate URL attributes content. Warning : slash characters (/) musn't be escaped. (https?|ftp)\://([a-zA-Z0-9+!*(),;?&=\$_.-]+(\:[a-zA-Z0-9+!*(),;?&=\$_.-]+)?@)?([a-zA-Z0-9-.]{3,})(\:[0-9]{2,5})?(/([a-zA-Z0-9:%+\$_-]\.?)+)*/?(\?[a-zA-Z+&\$_.-][a-zA-Z0-9;:[\]@&%=+/\$_.-]*)?(#[a-zA-Z0-9_.-][a-zA-Z0-9+\$_.-]*)?
user_preferences.allow_backoffice_theme_override bool No Whether the user can choose which theme to use in the backoffice. If set to false, all users will have the theme defined in “backoffice_default_theme” true
user_rights_legacy bool No Set to true to restore the buggy algorithm for the computation of user rights (within the same profile, ALLOW on the class itself has precedence on DENY of a parent class) false
webservice_list array Yes Automatically populated by the installation process
xlsx_exporter_memory_limit string No Maximum amount of memory allowed when running an interactive Excel export. Exporting 50,000 tickets requires about 1GB of memory 2048M

Zooming on...

Escaping \

Within values of any config parameters, if you type a \ after saving it is automatically doubled and becomes \\ when reopening the file. This behavior is normal and has no adverse impact. Don't change it again, it is useless.

full_text_accelerators

By default the “global search” feature performs a search on each and every class and attribute defined in iTop. When the database grows, this can become very slow. Using accelerators, an administrator can specify, for a given class, how to search - in less fields - in order to speed up the search. It is also possible to completely exclude a given class from the search.

Example:

conf/production/config-itop.php
'full_text_accelerators' => array (
  'UserRequest' => array (
    'skip' => false,
    'needle' => '%$needle$%',
    'query' => "SELECT UserRequest WHERE (status != 'closed') 
                AND (ref LIKE :needle OR title LIKE :needle OR description LIKE :needle)",
    'attributes' => array('title', 'description'),
    'enable_enlarge' => true,
  ),
  'Person' => array (
    'query' => 'SELECT Person WHERE (name LIKE :needle) 
                OR (first_name LIKE :needle) OR (email LIKE :needle)',
    'attributes' => array ('name', 'first_name', 'email'),
  ),
),

For a given non-abstract class, the parameters are:

  • skip (optional) if present, and equal to true, then the whole class will be skipped from the global search (unless the end-user specifically requires to search in this class by typing NameOfTheClass:string_to_search in the global search).
  • query determines both the scope of objects to search for, and the columns that will be looked up. The entered search string is represented by the parameter :needle
  • attributes (optional) must match the attributes used in the query so that the system will optimize its execution time.
  • needle is optional and defaults to “%$needle$%”. It specifies how to make the :needle parameter out of the user search string.
  • enable_enlarge (optional) if present and equal to false, the button Enlarge search will be hidden. When Enlarge Search is clicked, iTop performs the default complete search (all attributes) for the specified class of objects

date_and_time_format

This configuration parameter specifies the formatting of date and time fields in the application. The configuration can be specified by default and overloaded per language. If an entry (either date, time or date_time) is omitted in a given language, the corresponding default entry will be used. If no value is specified at all, the system will supply its own fallback value.

  • The date entry specifies the format for dates. The fallback value is Y-m-d (MySQL format),
  • The time entry specified the format for times. The fallback value is H:i:s (MySQL format),
  • The date_time entry specifies how to assemble date and time in order to produce a complete date/time representation.

The syntax is the following:

'date_and_time_format' => array(
    'default|language_code' => array(
        'date' => 'date_format',
        'time' => 'time_format',
        'date_time' => 'combination_of_date_time_values',
    ),
)

Values for the date format:

Placeholder Meaning
Y Year, on 4 digits, e.g. 2016
y Year, on 2 digits, e.g. 16. Suitable for dates between 1970 and 2069
m Month, on 2 digits, e.g. 01..12
n Month, on 1 or 2 digits, without leading zero, e.g. 1..12
d Day of the month, on 2 digits, e.g. 01..31
j Day of the month, on 1 or 2 digits, without leading zero, e.g. 1..31

Values for the time format:

Placeholder Meaning
H Hours (24 hour clock), on 2 digits, e.g. 00..23
h Hours (12 hour clock), on 2 digits, e.g. 01..12
G Hours (24 hour clock), on 1 or 2 digits without leading zero, e.g. 0..23
g Hours (12 hour clock), on 1 or 2 digits without leading zero, e.g. 1..12
i Minutes, on 2 digits, e.g. 00..59
s Seconds, on 2 digits, e.g. 00..59

Values for the date_time format:

Placeholder Meaning
$date The corresponding date format
$time The corresponding time format

The example below produces the following result:

  • For users which language is configured to French (FR FR):
    • the dates are written: <day on two digits>/<month on 2 digits>/<year on 4 digits>, for example: 21/04/2016
    • the times are written: <hours, 24 hour clock, on 2 digits>:<minutes on two digits>, for example: 14:35
    • the date and times are written: <date> <time>, for example: 21/04/2016 14:35
  • For users which language is configured to German (DE DE):
    • the dates are written: <day on two digits>.<month on 2 digits>.<year on 4 digits>, for example: '21.04.2016'
    • the times are written: <hours, 24 hour clock, on 2 digits>:<minutes on two digits>, for example: 14:35
    • the date and times are written: <date> <time>, for example: 21.04.2016 14:35
  • By default (for all other languages):
    • the dates are written: <year on 4 digits>-<month on 2 digits>-<day on two digits>, for example: 2016-04-21
    • the times are written: <hours, 24 hour clock, on 2 digits>:<minutes on two digits>:<seconds on two digits>, for example: 14:35:09
    • the date and times are written: <date> <time>, for example: 2016-04-12 14:35:09
'date_and_time_format' => array(
    'default' => array(
        'date' => 'Y-m-d',
        'time' => 'H:i:s',
        'date_time' => '$date $time',
    ),
    'FR FR' => array(
        'date' => 'd/m/Y',
        'time' => 'H:i',
        'date_time' => '$date $time',
    ),
    'DE DE' => array(
        'date' => 'd.m.Y',
        'time' => 'H:i',
        'date_time' => '$date $time',
    ),
)
Using a date-time format starting with the time (eg. H:i:s d/m/Y) is not supported by the UI

shortcut_actions

The code to use to specify a transition is the transition code such as ev_close.

If an action is not available for a given class, also it is requested to be presented outside of the action pop-up menus, it won't be and won't generate any error.

It is possible to set a different list of shortcut actions per class, by overwriting the DBObject::GetShortcutActions method

itop-design / classes
    <class id="Incident">
      <methods>
        <method id="GetShortcutActions" _delta="define">
          <static>true</static>
          <access>public</access>
          <type>Overload-DBObject</type>
          <code ><![CDATA[
        public static function GetShortcutActions()
        {
                return array('UI:Menu:Modify');
        }
        ]]></code >
        </method>
      </methods>
    </class>

New in 2.4.2:

  • the standard search is executed as soon as a search criteria is defined.
  • when using the magnifier icon on an ExternalKey attribute, the search is executed.
  • when searching objects to be added on a LinkedSetIndirect attribute (n:n relationship), the search is executed.

On classes with high volume of data and if filtering is not defined, it might be better to force the user to decide when he has entered enough criterion to make the search effective.

This can be done in the Configuration file by defining the classes for which you want this behavior to be applied.

Configuration
    'high_cardinality_classes' => array (
      0 => 'Contact',
      1 => 'Person',
      2 => 'UserRequest',
    ),

You can also instead, force this behavior for all classes at once, using this:

Configuration
      'search_manual_submit' => true,
        ),

In this example, for Person, users must explicitly press the search icon to get the resulting list aligned with the set criterion. There is a warning message to remind users about this different behavior. Auto Search deactivated icon

Shortcut and Predefined search (=OQLMenuNode) are immediatly executed, regardless of the above parameters

Default criterion per class

Unless you customize your iTop Datamodel, this are the default criterion defined.
Default criterion is optional. They are inherited from parent classes if not defined.

We have chosen those criterion because they are the most used for single object search, which is what simple users would do. Advanced users will know how to add/remove criteria.

Predefined requests such as menus and shortcuts, will not use those defaults as soon as they come with their own criterion.

Class Criterions
Contract Name, Customer, Provider
Contact Full Name, Email, Organization
Database Schema Full Name, DB server, Organization
Datacenter Device Full Name, Management ip, Organization
Document Name, Description, Organization
Functional CI Full Name, Organization
Group Name, Type, Organization
IP Interface Full Name, IP address, MAC address
Licence Name, Description, Key
Middleware Instance Full Name, Middleware, Organization
Network Interface Name
Patch Name, Description
Physical CI Full Name, Location, Organization
Organization Name
Location Name, Country, Organization
Service Name, Provider, Service Family
Service Family Name
Service Subcategory Name, Service, Service->Provider
Software Name, Vendor, Type
Software Instance Full Name, System, Organization
Subnet IP, Name, Organization
Ticket Ref, Title, Caller, Organization
Typology Name
User Login, Contact, Organization
VLAN VLAN Tag, Organization
Web Application Full Name, Web server, Organization

async_task_retries

For each class of AsynchronousTask processed by the iTop background process (i.e. cron.php), it is possible to configure whether or not to retry the processing in case of failure. This can be especially convenient for the eMails sending. Since the name of the asynchronous task in charge of sending the eMails is AsyncSendEmail, the configuration look like:

'async_task_retries' => array(
    'AsyncSendEmail' => array(
        'max_retries' => 3,
        'retry_delay' => 30,
        'exponential_delay' => true,
    ),
),

With such a configuration, if the eMail fails to send, the backround process will reschedule this email to be sent up to 3 times. The first time 30 seconds later, the second time 60 seconds (after the 2nd attempt) later and finally the third time 120 seconds later.

If exponential_delay is not specified or set to false, the time between two attempts will be the same: retry_delay.

MyModuleSettings

Some part of iTop written as independent Module, brings their own set of parameters, which are located in the Configuration file under the section:

conf/production/config-itop.php
/**
 *
 * Modules specific settings
 *
 */
$MyModuleSettings = array(
    // One array per module...
);

Password Policy

The default setting is not present but would look this way in Configuration file.

Configuration
$MyModuleSettings = array(
   'authent-local' => array (
      'password_validation.pattern' => '^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^\da-zA-Z]).{8,}$',
   ),
);

More details: User password policies

Impact Analyses

When displaying the Impact Analyses tab of a Ticket, or when displaying from a Functional CI the actions Impacts… and Depends on…, the Changes and Incidents displayed are calculated based on OQL queries configured in XML. As such they can be overwritten by a extension.

datamodels/2.x/itop-request-mgmt/datamodel.itop-request-mgmt.xml
  <parameters id="itop-config-mgmt"><relation_context><FunctionalCI><impacts>
    <down><items type="array"><item id="open_incidents" _delta="define">
      <oql><![CDATA[SELECT FCI, R FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id 
      JOIN UserRequest AS R ON L.ticket_id = R.id WHERE (R.status NOT IN ('closed', 'resolved')) 
      AND (R.request_type='incident') AND (L.impact_code != 'not_impacted')]]></oql>
      <dict>Tickets:Related:OpenIncidents</dict>
      <icon>itop-request-mgmt/images/incident-red.png</icon>
      <default>yes</default>
    </item></items></down>
    <up><items type="array"><item id="open_incidents" _delta="define">
      <oql><![CDATA[SELECT FCI, R FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id 
      JOIN UserRequest AS R ON L.ticket_id = R.id WHERE (R.status NOT IN ('closed', 'resolved')) 
      AND (R.request_type='incident') AND (L.impact_code != 'not_impacted')]]></oql>
      <dict>Tickets:Related:OpenIncidents</dict>
      <icon>itop-request-mgmt/images/incident-red.png</icon>
      <default>yes</default>
    </item></items></up>
    </impacts></FunctionalCI></relation_context>
  </parameters>

But they can also be overwritten through parameters in the Configuration file, if you have customized lifecycles of your tickets.

The default module_parameters if nothing is defined in the Configuration file, are available under /core/main.php Here is an example of a full itil iTop:

core/main.php
  'itop-tickets' =>        array (
    'relation_context' =>  array (
      'UserRequest' =>     array (
        'impacts' =>       array (
          'down' =>        array (
            'items' =>     array (
              0 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\', \'rejected\')) AND (L.impact_code != \'not_impacted\') AND (C.id != :this->id)',
                'dict' => 'Tickets:Related:OpenChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-ongoing.png',
              ),
              1 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\')) AND (L.impact_code != \'not_impacted\') AND (C.id != :this->id) AND (C.end_date < NOW() AND C.end_date > DATE_SUB(NOW(), INTERVAL 3 DAY ))',
                'dict' => 'Tickets:Related:RecentChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-done.png',
              ),
              2 =>         array (
                'oql' => 'SELECT FCI, I FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Incident AS I ON L.ticket_id = I.id WHERE (I.status NOT IN (\'closed\', \'resolved\')) AND (L.impact_code != \'not_impacted\') AND (I.id != :this->id)',
                'dict' => 'Tickets:Related:OpenIncidents',
                'icon' => 'itop-incident-mgmt-itil/images/incident-red.png',
                'default' => 'yes',
              ),
            ),
          ),
        ),
      ),
      'Incident' =>        array (
        'impacts' =>       array (
          'down' =>        array (
            'items' =>     array (
              0 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\', \'rejected\')) AND (L.impact_code != \'not_impacted\') AND (C.id != :this->id)',
                'dict' => 'Tickets:Related:OpenChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-ongoing.png',
              ),
              1 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\')) AND (L.impact_code != \'not_impacted\') AND (C.id != :this->id) AND (C.end_date < NOW() AND C.end_date > DATE_SUB(NOW(), INTERVAL 3 DAY ))',
                'dict' => 'Tickets:Related:RecentChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-done.png',
              ),
              2 =>         array (
                'oql' => 'SELECT FCI, I FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Incident AS I ON L.ticket_id = I.id WHERE (I.status NOT IN (\'closed\', \'resolved\')) AND (L.impact_code != \'not_impacted\') AND (I.id != :this->id)',
                'dict' => 'Tickets:Related:OpenIncidents',
                'icon' => 'itop-incident-mgmt-itil/images/incident-red.png',
                'default' => 'yes',
              ),
            ),
          ),
        ),
      ),
      'Change' =>          array (
        'impacts' =>       array (
          'down' =>        array (
            'items' =>     array (
              0 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\', \'rejected\')) AND (L.impact_code != \'not_impacted\') AND (C.id != :this->id)',
                'dict' => 'Tickets:Related:OpenChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-ongoing.png',
              ),
              1 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\')) AND (L.impact_code != \'not_impacted\') AND (C.id != :this->id) AND (C.end_date < NOW() AND C.end_date > DATE_SUB(NOW(), INTERVAL 3 DAY ))',
                'dict' => 'Tickets:Related:RecentChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-done.png',
              ),
              2 =>         array (
                'oql' => 'SELECT FCI, I FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Incident AS I ON L.ticket_id = I.id WHERE (I.status NOT IN (\'closed\', \'resolved\')) AND (L.impact_code != \'not_impacted\') AND (I.id != :this->id)',
                'dict' => 'Tickets:Related:OpenIncidents',
                'icon' => 'itop-incident-mgmt-itil/images/incident-red.png',
                'default' => 'yes',
              ),
            ),
          ),
        ),
      ),
    ),
  ),
  'itop-config-mgmt' =>    array (
    'relation_context' =>  array (
      'FunctionalCI' =>    array (
        'impacts' =>       array (
          'down' =>        array (
            'items' =>     array (
              0 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\', \'rejected\')) AND (L.impact_code != \'not_impacted\')',
                'dict' => 'Tickets:Related:OpenChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-ongoing.png',
              ),
              1 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status IN (\'closed\')) AND (L.impact_code != \'not_impacted\') AND (C.end_date < NOW() AND C.end_date > DATE_SUB(NOW(), INTERVAL 3 DAY ))',
                'dict' => 'Tickets:Related:RecentChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-done.png',
              ),
              2 =>         array (
                'oql' => 'SELECT FCI, I FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Incident AS I ON L.ticket_id = I.id WHERE (I.status NOT IN (\'closed\', \'resolved\')) AND (L.impact_code != \'not_impacted\')',
                'dict' => 'Tickets:Related:OpenIncidents',
                'icon' => 'itop-incident-mgmt-itil/images/incident-red.png',
                'default' => 'yes',
              ),
            ),
          ),
          'up' =>          array (
            'items' =>     array (
              0 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status NOT IN (\'closed\', \'rejected\')) AND (L.impact_code != \'not_impacted\')',
                'dict' => 'Tickets:Related:OpenChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-ongoing.png',
              ),
              1 =>         array (
                'oql' => 'SELECT FCI, C FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Change AS C ON L.ticket_id = C.id WHERE (C.outage = \'yes\') AND (C.status IN (\'closed\')) AND (L.impact_code != \'not_impacted\') AND (C.end_date < NOW() AND C.end_date > DATE_SUB(NOW(), INTERVAL 3 DAY ))',
                'dict' => 'Tickets:Related:RecentChanges',
                'icon' => 'itop-change-mgmt-itil/images/change-done.png',
              ),
              2 =>         array (
                'oql' => 'SELECT FCI, I FROM FunctionalCI AS FCI JOIN lnkFunctionalCIToTicket AS L ON L.functionalci_id = FCI.id JOIN Incident AS I ON L.ticket_id = I.id WHERE (I.status NOT IN (\'closed\', \'resolved\')) AND (L.impact_code != \'not_impacted\')',
                'dict' => 'Tickets:Related:OpenIncidents',
                'icon' => 'itop-incident-mgmt-itil/images/incident-red.png',
                'default' => 'yes',
              ),
            ),
          ),
        ),
      ),
    ),
  ),

Attachment

Define the classes of objects which can have attachment, how those attachments are displayed and previewed
New in 2.4: readonly_states defines under which environment, which object classes in what status, will prevent adding and deletion of attachments.

Attachment should be put on classes which have an org_id attribute, otherwise those attachments won't be visible to users with Allowed organizations.
environment values meaning
all The following parameters will be applied to the Console and all portals
backoffice The following parameters will be applied to the Console only
portals The following parameters will be applied to all portals only so not on the Console
position 2 values are available : properties, relations (by default is relations)
properties : the attachment files are displayed in the first tab with the object attributes.
relations : the attachment files are displayed in a new tab.
preview_max_with Define the max width when the user do a quickly overview on the file, if the preview is available for this filetype. Default value is 290.
icon_preview_max_size New in 3.0.0 Define maximum size for attachment preview to be displayed as an icon in the table,if preview is available for this filetype. In bits. Default value is 500000.
'itop-attachments' => array(
    'allowed_classes' => array(
        0 => 'Ticket',
        1 => 'Contact',
    ),
    'readonly_states' => array(
        'all' => array(
            'UserRequest' => array('closed',),
            'Change' => array('rejected','closed',)
        ),
        'portals' => array(
            'UserRequest' => array('resolved',),
        ),
    ),
    'position' => 'relations',
    'preview_max_width' => 290,
    'icon_preview_max_size' => 500000,
),

iTop OQL won't be able to retrieve the biggest attachment loaded in your iTop, but you can run the next SQL command in your database to retrieve attachments bigger than 1 Mo.

 SELECT `item_class`, `item_id`,`item_org_id`,`contents_data`,`contents_mimetype`, `contents_filename` 
   FROM attachment 
   WHERE LENGTH(contents_data) > 1000000; 
3_0_0/admin/itop_configuration_file.txt · Last modified: 2023/06/23 17:20 by 127.0.0.1
Back to top
Contact us