Setting up an administrator configuration override file

7.2 Setting up an administrator configuration override file

As an administrator, you can provide a configuration file that provides overrides to the user's preferences; you can also specify whether the user can override these defaults.

To provide a configuration override file, create the following file:

%ProgramData%/Intercede/MyID Client/MyIDClientConfig.xml

For example:

Copy

<configuration>
    <appSettings>
        <add key="ServerAddress" value="http://myid.example.com"/>
        <add key="AllowedServers" value="Production = https://myid.example.com, Test = https://testmyid.example.com,https://myid2.example.com" />
        <add key="Username" value="susan.smith"/>
        <add key="EnableRememberMe" value="true"/>
        <add key="ClientID" value="c522dd89-a35d-4de6-b8d8-35d97614fc69"/>
        <add key="UseLegacySsaPlatform" value="true"/>
        <add key="UseLegacyPassphraseCollection" value="false"/>
        <add key="EnableLogging" value="false" isUserOverridable="true"/>
        <add key="LogFilePath" value="C:\Logs\myidClientLog.xml" isUserOverridable="True" />
        <add key="UmcLogFilePath" value="C:\Logs\IntercedeUMC.log" isUserOverridable="True" />
        <add key="EnableWebServiceLogging" value="false" isUserOverridable="false"/>
        <add key="CardPickerHeaderPrecedence" value="dfn;chn;dtn">
    </appSettings>
</configuration>

Each option contains a key and a value. By default, if the option exists in the configuration file, the user cannot use the Configuration screen in the MyID Client for Windows to override it; if you want the user to be able to override it, you can add isUserOverridable="true" to the option.

The following options are available:

ServerAddress – corresponds to the Server Address field in the Communication section.

See section 7.2.1, Server location.
AllowedServers – allows you to configure a list of servers rather than allowing the user to type a server location. This also allows you to specify a server on the command line or using a hyperlink.

See section 7.2.1, Server location.
Username – corresponds to the Username field in the Authentication section.
EnableRememberMe – corresponds to the Enable 'Remember Me' option in the Authentication section.
ClientID – corresponds to the Client ID field in the Communication section.
UseLegacySsaPlatform – set this option to true to allow you to use the MyID Client for Windows with MyID CMS servers from version 12.4 to version 12.10. This setting is not required for MyID 12.11 or later.
UseLegacyPassphraseCollection – set this option to true to allow you to use the MyID Client for Windows with MyID CMS servers from version 12.4 to version 12.11. (If your MyID server is from version 12.4 to version 12.10 you must also set the UseLegacySsaPlatform option.) This setting is not required for MyID 12.12 or later.

Note: If you set this configuration option, support for authentication using external identity providers is disabled.
EnableLogging – corresponds to the Enable Log File option in the Logging section.
LogFilePath – corresponds to the Log File Location field in the Logging section.
UmcLogFilePath – corresponds to the Smart Card log file location field in the Logging section.
EnableWebServiceLogging – corresponds to the Verbose Web Service Logging option in the Logging section.
CardPickerHeaderPrecedence – allows you to set the precedence for the label used when selecting a device. See section 7.1.6.1, Advanced configuration options for details.

7.2.1 Server location

You can set the server location in the configuration file.

To set a single server location, use the following:

Copy

<add key="ServerAddress" value="http://myid.example.com"/>

Where the value is the address of the server you want to use.

If you want to provide a list of servers from which the user can select, use the following:

Copy

<add key="AllowedServers" value="Production = https://myid.example.com, Test = https://testmyid.example.com,https://myid2.example.com" />

Where the value is a comma-separated list of server addresses. You can also optionally provide a display name for each server:

Display Name = https://<serveraddress>

These display names are provided in the following places:

In the drop-down list on the connection screen.

See section 4, Launching the MyID Client for Windows.
In the Default Server Address field in the Communication section of the Configuration screen.

See section 7.1.2, Setting communication options.
Next to the server address in the title bar at the top right of the window.

By default, the MyID Client for Windows uses the first server in the AllowedServers list. If you want to specify a different server as the default, you can set the ServerAddress option to your preferred default server:

Copy

<add key="ServerAddress" value="http://testmyid.example.com" isUserOverridable="True" />
<add key="AllowedServers" value="Production = https://myid.example.com, Test = https://testmyid.example.com,https://myid2.example.com" />

If you set the isUserOverridable option to "True" on the ServerAddress option, the user can change the server to any of the allowed servers using the Default Server Address drop-down list in the Communication section of the Configuration screen.