ui.properties

The ui.properties file specifies attributes that affect the operation and display of the Security Identity Manager graphical user interface.

The following table defines the properties for configuring the IBM® Security Identity Manager graphical user interface.

Table 1. ui.properties properties
`IBM Security Identity Manager GUI configuration settings`
`enrole.ui.customerLogo.image`
	Specifies the file name of the graphic that is displayed on the right side of the IBM Security Identity Manager title banner. The graphic is usually a company logo. For display over the web in a browser, the format of the file must be type that the browser supports. The actual graphics file must be stored in the following location: WebSphere® Application Server: `WebSphere/AppServer/installedApps/domain-name/ITIM.ear/ itim_console.war/html/images/` You can also specify a path under the console `webapp`, /itim/console/custom/banner.gif or specify the full URL as http://`yourhost`.com/banner.gif. Example: `enrole.ui.customerLogo.image=ibm_banner.gif`
`enrole.ui.customerLogo.url`
	Specifies the URL link that is activated when you click the custom graphic image (company logo) on the right side of the IBM Security Identity Manager banner. Example: `enrole.ui.customerLogo.url=www.ibm.com`
`enrole.ui.pageSize`
	Specifies the number of list items that is initially displayed on the screen. If there are more items in the list, links are at the bottom of the list view that activate continuations of the list. For example, Page 2, Page 3, Page 4. Example: `enrole.ui.pageSize=50`
`enrole.ui.maxSearchResults`
	Specifies the maximum number of items that are returned for a search. This property limits the number of items that are returned when a search is done on the directory server. The evaluation of the ACIs is done later on these returned items. The number of items in the directory server is greater than the value specified for this property. So, the number of items that are displayed on the IBM Security Identity Manager Console might be less than the value specified. The value for this property can control possible system performance degradation when a large return of items is encountered. If you modify the value for this property, you must restart the application server. Example: `enrole.ui.maxSearchResults=1000`
`ui.banner.showForLogin`
	Specifies whether to show the console banner on the login page, rather than the default login banner. Any customization to the console banner is also on the login page when this property is in effect. yes Show the console banner in the login page. no Show the default login banner. An empty value assumes no. Example (default): `ui.banner.showForLogin=no`
`ui.footer.URL`
	Specifies the URL for the IBM Security Identity Manager Console. Specify either the full address (http://`yourhost`.com/footer.html) or an address from the IBM Security Identity Manager web server (/itim/console/custom/footer.html). A blank value uses the default address of the IBM Security Identity Manager footer. Example: `ui.footer.URL=http://itim99.mylab.raleigh.ibm.com:9080/itim/console/main`
`ui.footer.height`
	Specifies the height in pixels of the footer on the IBM Security Identity Manager Console. Example (default): `ui.footer.height=50`
`ui.footer.isVisible`
	Shows or hides the footer of the IBM Security Identity Manager Console. Valid values are as follows: yes (or blank) Shows the footer. no Hides the footer. Example (default): `ui.footer.isVisible=yes`
`ui.banner.URL`
	Specifies the URL for the banner on the IBM Security Identity Manager Console. Specify either the full address (http://`yourhost`.com/banner.html) or a path from the IBM Security Identity Manager web server (/itim/console/custom/banner.html). A blank value uses the default address of the IBM Security Identity Manager banner. Example: `ui.banner.URL=http://itim99.mylab.raleigh.ibm.com:9080/itim/console/main`
`ui.banner.height`
	Specifies the height in pixels of the banner on the IBM Security Identity Manager Console. Example (default): `ui.banner.height=48`
`ui.homepage.path`
	IBM Security Identity Manager Console home page location. Specify a relative path from the IBM Security Identity Manager Console context root (/itim/console). For example, if the full path to the home page was http://`yourhost`:9080/itim/console/custom/home.html, then the following value is ui.homepage.path=custom/home.html. The custom home page must be in the IBM Security Identity Manager web application. For example: `path`/ITIM.ear/itim_console.war/custom/home.html). A blank value uses the default address of the IBM Security Identity Manager home page. Example: `ui.homepage.path=custom/home.html`
`ui.titlebar.text`
	Specifies the text in the title bar of the browser for the IBM Security Identity Manager Console. A blank value uses the default name of the IBM Security Identity Manager product. Example: `ui.titlebar.text=Our Home Page`
`ui.userManagement.includeAccounts`
	Specifies the default behavior for including accounts when you suspend, restore, or delete users. Valid values are as follows: true Accounts are included. false Accounts are excluded. Example (default): `ui.userManagement.includeAccounts=true`
`ui.userManagement.search.attributes`
	Adds a search attribute to the default list for the Manage Users page in the IBM Security Identity Manager Console. Provide one or more attribute names in the `ui.userManagement.search.attributes` property value that is separated by a comma. Make sure to provide valid and non-repetitive attributes. Do not specify attributes that cannot be searched by using plain text. For example, audio, photo, and other similar items. Example: `ui.userManagement.search.attributes=homepostaladdress,employeenumber` By default, this property value is empty. The property adds user attributes that display in the Search By list on the Manage Users page for the person search filter.
`ui.challengeResponse.showAnswers`
	Specifies whether the answers to challenge response questions is treated as passwords or as clear text in the IBM Security Identity Manager Console of the following pages: Forgot Password page Challenge response question and answer definition page Valid values are as follows: true Answers to challenge response questions is clear text. false Answers to challenge response questions is treated as passwords. Example (default): `ui.challengeResponse.showAnswers=true`
`ui.challengeResponse.bypassChallengeResponse`
	Specifies whether the challenge response questions can be bypassed when the user first logs on to the IBM Security Identity Manager Console, the self service web user interface, or the Identity Service Center. Valid values: true When true, the user can cancel and not answer the challenge questions. false When false, the user cannot cancel. The user is forced to respond to the challenge questions. Default value: true Example: `ui.challengeResponse.bypassChallengeResponse=true`
`ui.viewAllRequests.loadDefaultQueryResult`
	Specifies whether the View All Requests page loads the default query result. true Loads the View All Requests page with default query result. false Does not load the View All Requests page with default query result. Default value: false Example: `ui.viewAllRequests.loadDefaultQueryResult=false`
`ui.allowLaunchingNewTaskWithoutWarningForActiveTask`
	Specifies whether to start selected task or not, if the same task is already active in the IBM Security Identity Manager Console. The examples of the tasks are as follows: `Create Service`, `Change Service`, `Create User`, `Change User`. true When you try to start an already active task, the existing task is closed. Starts the new task without displaying any warning message. false When you try to start an already active task, a warning message is displayed. Does not start the new task. Default value: false Example: `ui.allowLaunchingNewTaskWithoutWarningForActiveTask=false`
`ui.policyManagement.manageProvisioningPolicies.create.defaultMemberType`
	Controls default selection of policy membership. This property allows default member type to be selected while you create a provisioning policy. Allowed values are as follows: users All users in the organization. roles Roles that are specified later. others All other users who are not granted to the entitlements that are defined by this provisioning policy by way of other policies. Default value: users Example: `ui.policyManagement.manageProvisioningPolicies.create.defaultMemberType= users`
`ui.manageServices.reconcileNow.defaultSelectQuery`
	Specifies the default reconciliation query option. Allowed values are as follows: none None. use_query Use query from existing schedule. define_query Define query. Default value: none Example: `ui.manageServices.reconcileNow.defaultSelectQuery=none`
`ui.passwordManagement.defaultSelection.typePassword`
	Specifies Allow me to type a password as default over the current Generate a password for me option. Allowed values are as follows: true Selects the Allow me to type a password option and additionally none of the accounts get selected by default. false Selects the Generate a password for me option if this property is set to false or not present. Default value: false Example: `ui.passwordManagement.defaultSelection.typePassword=false`
`ui.advancedUserSearch.AllTypes.defaultSearchAttribute.names ui.advancedUserSearch.AllTypes.defaultSearchAttribute.labels`
	When you select User type as All types in the Select User Type page, the properties add the default search attributes and its labels on the Advanced Search page for users in the IBM Security Identity Manager Console. If the ui.advancedUserSearch.AllTypes.defaultSearchAttribute.names property is removed or if no value is specified, then IBM Security Identity Manager does not display any default search attribute field. Provide one or more attribute names in the ui.advancedUserSearch.AllTypes.defaultSearchAttribute.names property value, and corresponding attribute labels in the ui.advancedUserSearch.AllTypes.defaultSearchAttribute.labels property value. Make sure to provide valid, non-repetitive, and comma-separated values. Do not specify attributes that cannot be searched by using plain text. For example, audio, photo, and other similar items. Example (default): `ui.advancedUserSearch.AllTypes.defaultSearchAttribute.names=cn ui.advancedUserSearch.AllTypes.defaultSearchAttribute.labels=$cn` The property adds the default search attributes and its labels on the Advanced Search page for users when you select User type as All types in the Select User Type page.

`WfDesigner and FormDesigner applet properties`
enrole.build.version enrole.java.plugin enrole.java.plugin.classid enrole.java.pluginspage enrole.java.plugin.jpi-version enrole.java.plugin.version enrole.java.entWflowHeightIE enrole.java.entWflowWidthIE enrole.java.entWflowHeightMZ enrole.java.entWflowWidthMZ enrole.java.opWflowHeightIE enrole.java.opWflowWidthIE enrole.java.opWflowHeightMZ enrole.java.opWflowWidthMZ enrole.java.joinDirHeightIE enrole.java.joinDirWidthIE enrole.java.joinDirHeightMZ enrole.java.joinDirWidthMZ enrole.java.formDesignHeightIE enrole.java.formDesignWidthIE enrole.java.formDesignHeightMZ enrole.java.formDesignWidthMZ express.java.formDesignHeightIE express.java.formDesignWidthIE express.java.formDesignHeightMZ express.java.formDesignWidthMZ #enrole.ui.logoffURL (default is commented out) #enrole.ui.timeoutURL (default is commented out)
	You must not modify or remove any information for these properties in the property file. These property key and value pairs provide the necessary Java™ applet support required by the Java Web Start that runs the IBM Security Identity Manager Console.

`Report menu properties`
`enrole.ui.report.maxRecordsInReport`
	Displays the number of records that can be displayed in a PDF report without encountering an Out of Memory error. The number does not ensure that PDF report generation is successful. If the report contains more records than specified by this property, PDF report generation is not attempted. Example: `enrole.ui.report.maxRecordsInReport=5000`

`Enable or disable WebSEAL single sign-on (SSO)`
`enrole.ui.ssoEnabled`
	The property key and value pairs do not pertain to the IBM Security Identity Manager Console. Enable or disables WebSEAL single sign-on. More configuration is required for WebSEAL single sign-on. Valid values are as follows: true WebSEAL single sign-on is enabled. false WebSEAL single sign-on is disabled. Example (default): `enrole.ui.ssoEnabled=false`
`enrole.ui.ssoEncoding`
	Specifies the encoding that is used to decode user credentials with WebSEAL single sign-on. Example (default): `enrole.ui.ssoEncoding=UTF-8`

`Refresh properties`
`enrole.ui.httpRefreshSecs`
	Defines, in seconds, the refresh rate for pages within the IBM Security Identity Manager Console. This property is used during policy previews. Example (default): `enrole.ui.httpRefreshSecs=10`

`Search class mapping for ObjectProfileCategory`
	The property key and value pairs do not pertain to the IBM Security Identity Manager Console and must not be modified or removed.

`Justification field configuration properties`
`ui.displayJustification`
	Specifies whether the Justification field is displayed in the user interface. By default, the Justification field is not displayed. Use in conjunction with the `enrole.justificationRequired` property in the enRole.properties file. Example (default): `ui.displayJustification=false`

`Identity Service Center as the default user interface configuration property`
`ui.defaultui.redirectSelfToISC`
	Specifies whether the Identity Service Center user interface is set as the default user interface. If a user is already authenticated to the IBM Security Identity Manager, and starts the self-service user interface, no redirection happens. true If the Identity Service Center is deployed and if a user starts the self-service user interface, then the self-service user interface redirects the user to the Identity Service Center. false When a user starts the self-service user interface, it does not redirect a user to theIdentity Service Center. The self-service user interface starts. Example (default): `ui.defaultui.redirectSelfToISC=false`

`Generate password configuration property`
`ui.passwordManagement.generatePassword`
	Specifies which change password options to enable on the Identity Service Center user interface. This property is applicable only when the Enable password editing is selected in the administrative console. The valid values are: true Enables both the Generate a password for me and Allow me to type a password options. The `ui.passwordManagement.defaultSelection.typePassword` property is applicable only if the property `ui.passwordManagement.generatePassword` is set to `true`. false Enables the Generate a password for me option and disables the Allow me to type a password option. Example (default): `ui.passwordManagement.generatePassword=true`

`Challenge response answers display configuration property`
`ui.challengeResponse.showAnswers`
	Shows or hides the challenge response answers that a user types in the text box. The valid values are: true Shows what a user types. false Hides what a user types. Example (default): `ui.challengeResponse.showAnswers=true`

`Prompt password change after password is reset with the 'Forgot password' action`
`ui.isc.forgotPassword.promptPasswordChangeOnFirstLogin`
	This property is used in the Identity Service Center to show or hide the prompt to change the password for the user when they log on for the first time after the password is reset by using the Forgot password action in the Identity Service Center user interface. This property has no effect when password sync is enabled. The valid values are: true Prompts the user to change the password after password is reset by using the Forgot password action. false Does not prompt the user to change the password after password is reset by using the Forgot password action. Example (default): `ui.isc.forgotPassword.promptPasswordChangeOnFirstLogin=false`
`show.random.challenge.missing.user`
	Specifies whether additional security against any possible attack is enabled. Enabling the property will provide a random set of challenges as a response to Forgotten Password Questions for an invalid Identity Manager user in the administrative console or self-service user interface. By default, the property is enabled. Example: `show.random.challenge.missing.user=true`
`challenge.response.random.question.<number>`
	Lists the random challenges to display for an invalid IBM Security Identity Manager user in console or Self-Service UI. All keys must start with challenge.response.random.question and must end with the number suffix. You must follow the order of numbers. Examples: `challenge.response.random.question.1=What was the name of your first school? challenge.response.random.question.2=What was the make and model of your first car? challenge.response.random.question.3=What is your favorite color? challenge.response.random.question.4=What is your mother's middle name? challenge.response.random.question.5=What was your childhood nickname?`