Service Settings

Generally, the majority of the NIM Service settings can be conveniently accessed and modified through the Configuration section of the web interface, offering a user-friendly method for system adjustments. However, it's important to note that not all settings are accessible through this simplified interface. To accommodate more comprehensive customization needs, there are additional configuration settings available. The following list includes some of these advanced settings, providing further options to tailor the service to specific requirements.

Settings.json

The NIM service uses configuration file settings.json when started. The file is maintained by the the service itself for most settings, but not for all. These other settings are described here:

Variable Validation

Key	disable_variable_validation
Type	boolean
Default Value	false
A boolean flag (true of false) to disable validation of the variables that are sent by NIM apps. It is not recommended to set this flag. Only if the variable state validation fails the flag can be used as a last resort. When set, the end-user can manipulate the variable data that is sent to the service. At the service side, the values are not checked. To reflect the setting, one of the following log messages is generated when the service is started: True WARNING: Application variable validation is disabled. This setting should be enabled in production mode (disable_variable_validation). False/Not Specified Application variable validation enabled (disable_variable_validation).

Lookup Auditing

Key	lookup_no_auditing
Type	boolean
Default Value	false
A boolean flag (true/false) to disable updating the auditing database when dealing with large lookup tables. To reflect the setting, one of the following log messages is generated when the service is started: True Auditing disabled for lookup tables. False/Not Specified Auditing enabled for all tables.

AD Max Changes Threshold

Key	ad_max_gms_delta
Type	numeric
Default Value	<unlimited>
Sets the maximum number of changes to be made in AD. This should be used when adding/deleting too many accounts from group in AD results in the error: `The administrative limit for this request was exceeded.` The number used will vary. Recommended to start with 10000. Note The sync will potentially need to run multiple times in order to process all changes when this max is set.

Name Generator Debug Logging

Key	ng_debug
Type	boolean
Default Value	false
Enables additional logging for when name generation is executed within a mapping True Enabled, additional logging is provided upon execution of mapping False/Not Specified No additional logging is provided.

Registry Keys

Memory Settings

Key	--max-old-space-size=
Path	HKLM\SYSTEM\CurrentControlSet\Services\NIM\Config\args1
Ex. Value	16384
Controls the maximum amount of committed memory to the NIM service. The default value is 4Gb. The NIM Framework provides scripts for adjusting this value.

Root Certificates

Key	NODE_EXTRA_CA_CERTS
Path	HKLM\SYSTEM\CurrentControlSet\Services\NIM\env
Ex. Value	C:\\Tools4ever\\certs\\FiddlerRoot.cer
Specifies additional CA Root certificates that should be trusted by NIM

TLS Verification

Key	NODE_TLS_REJECT_UNAUTHORIZED
Path	HKLM\SYSTEM\CurrentControlSet\Services\NIM\env
Ex. Value	0
Used for proxy support, disables verification of certificates in requests for REST Connectors

TLS Cipher List

Key	--tls-cipher-list
Path	HKLM\SYSTEM\CurrentControlSet\Services\NIM\Config\args1
Ex. Value	:!ECDHE-RSA-AES128-SHA:!ECDHE-RSA-AES128-SHA256:!ECDHE-RSA-AES256-SHA:!ECDHE-RSA-AES256-SHA384:!ECDHE-ECDSA-AES128-SHA:!ECDHE-ECDSA-AES128-SHA256:!ECDHE-ECDSA-AES256-SHA:!ECDHE-ECDSA-AES256-SHA384:!kRSA
Specify a list of ciphers is allowed or not allowed to use. Please see NodeJS Documentation for more information

TLS 1.3 Required

Key	--tls-min-v1.3
Path	HKLM\SYSTEM\CurrentControlSet\Services\NIM\Config\args1
Ex. Value
Use TLS v1.3 (Default is minimum v1.2) Please see NodeJS Documentation for more information

In this section:

NIM