Overview

Universal Controller contains three types of configurable properties:

Universal Controller Start-up Properties (uc.properties)	Universal Controller start-up properties are the default properties contained in the uc.properties file when the Controller is installed. These properties are required for Controller start-up and operation. The values for these properties are set during the installation process. Some of the values are based on information that you provide during the installation. You can reset these properties by stopping the Controller, editing uc.properties, and restarting the Controller. The changes will take effect after the restart (see Starting and Stopping Universal Controller).
Universal Controller System Properties	Universal Controller system properties define Controller system information and performance. They have their values set during installation. You can reset these properties at any time, without having to stop the Controller, via the user interface. Note In a High Availability environment, all Universal Controller cluster nodes share the same database; therefore, updating Universal Controller System Properties for one cluster node applies to all cluster nodes.
Command Line Interface (CLI) Properties	CLI provides a sample configuration file, `cmdtools.props`, that you can use to pass CLI Global parameters to a CLI command.

Note

Properties for Universal Message Service (OMS) are installed as configuration file options when OMS is installed as a component of Universal Agent. The values for these options are set during the installation. There are several configuration methods available for changing these values.

Universal Controller Start-up Properties (uc.properties)

The uc.properties file is read by the Controller, which is started by Tomcat.

The uc.properties file resides here:

[tomcat directory]\conf

Note

The backslash character in a property value must be escaped as a double backslash.

For example:

example.path=c:\\stonebranch\\uc

Property Name	Description	Default
For MySQL:
`uc.db.mysql.character_encoding`	Allows the retrieval of output with extended unicode characters. If the property is not set, character encoding will not be used in the JDBC URL. Examples: uc.db.mysql.character_encoding=US-ASCII uc.db.mysql.character_encoding=Cp1252 uc.db.mysql.character_encoding=UTF-8
`uc.db.rdbms=mysql`	Database type. Specify this property if you are using a MySQL database.
`uc.db.url=jdbc:mysql://localhost/`	JDBC connect URL. Specify this property if you are using a MySQL database.
For SQLServer
`uc.db.rdbms=sqlserver`	Database type. Specify this property if you are using a SQLServer database.
`uc.db.url=jdbc:sqlserver://localhost:1433;DatabaseName=uc`	JDBC connect URL. Specify this property if you are using a SQLServer database.
For Oracle
`uc.db.rdbms=oracle`	Database type. Specify this property if you are using an Oracle database.
`uc.db.url=jdbc:oracle:thin:@//localhost:1521/@oracle.db.name@`	JDBC connect URL. Specify this property if you are using an Oracle database.
For All Databases
`uc.db.name`	IMPORTANT If you specify a database name in this property and in uc.db.url, the names must be the same. Name for the Controller database.	uc
`uc.db.password`	Database password that will be replaced by `uc.db.password.encrypted` in the `uc.properties` file upon start-up. The `uc.properties` file is refreshed every 5 minutes to accommodate changes to this property without requiring a restart. Every 5 minutes, `uc.properties` is read, and if this property value has changed, then that new value will be used within the Controller.	(none)
`uc.db.password.encrypted`	Encrypted version of `uc.db.password` that will replace `uc.db.password` in the `uc.properties` file upon start-up.	(none)
`uc.db.pooler.connections`	Sets the minimum number of idle connections to maintain in the Server connection pool, or zero to create none. The Server connection pool is used by all internal database transactions.	1
`uc.db.pooler.connections.Client`	Sets the minimum number of idle connections to maintain in the Client connection pool, or zero to create none. The Client connection pool is used by all user interface related database transactions.	1
`uc.db.pooler.connections.max`	Sets the maximum number of connections that can be allocated by the Server connection pool at a given time. The Server connection pool is used by all internal database transactions. Note The installer overrides the default by configuring a maximum number of 40 in the `uc.properties` file.	30
`uc.db.pooler.connections.max.Client`	Sets the maximum number of connections that can be allocated by the Client connection pool at a given time. The Client connection pool is used by all user interface related database transactions.	30
`uc.db.pooler.connections.max.Reserved`	Sets the maximum number of connections that can be allocated by the Reserved connection pool at a given time. The Reserved connection pool is used by all critical internal database transactions.	30
`uc.db.pooler.connections.Reserved`	Sets the minimum number of idle connections to maintain in the Reserved connection pool, or zero to create none. The Reserved connection pool is used by all critical internal database transactions.	1
`uc.db.secrets_provider`	Specifies which secrets provider to use for the password. If left unspecified, Universal Controller is assumed to be the provider, and the controller will continue to load the password from the uc.properties using one of the following properties. `uc.db.password` `uc.db.password.encrypted` Note Property `uc.db.password` is immediately saved back as `uc.db.password.encrypted` with an encrypted value. If property `uc.db.secrets_provider` is specified, it must be one of the following values, otherwise, a failure will be logged and `uc.properties` must be refreshed. uc.db.secrets_provider=uc (or not specified) - Universal Controller uc.db.secrets_provider=aws_secrets_manager - AWS Secrets Manager uc.db.secrets_provider=azure_key_vault - Azure Key Vault uc.db.secrets_provider=cyberark_credential_provider - CyberArk Credential Provider uc.db.secrets_provider=cyberark_central_credential_provider - CyberArk Central Credential Provider The controller will then load all the properties associated with the specified provider. See Secrets Provider Properties for the properties associated with each provider.	(none)
`uc.db.url.append.properties`	Allows additional options to be appended to the JDBC URL generated by Universal Controller. Example:	(none)
`uc.db.user`	Login ID that the Controller will use to log in to your database. The `uc.properties` file is refreshed every 5 minutes to accommodate changes to this property without requiring a restart. Every 5 minutes, `uc.properties` is read, and if this property value has changed, then that new value will be used within the Controller.	root
For LDAP:
`uc.ldap.groups.filter_indirect`	When this property is set to true, any Groups synchronized indirectly (that is, through a User's memberOf attribute) will honor the Group search filter and Group OU filters under the LDAP Advanced Settings section. Note The code default for this property, which is used if this property is not set, is false.	true
`uc.ldap.groups.single_parent_per_child`	IMPORTANT This property should be set to true only if your Groups being synchronized from AD have at most one parent Group. When synchronizing Groups, the default behavior in the Controller is to copy the members of a Sub Group into the Parent Group. When this property is set to true, the Controller assumes that each Group has, at most, a single Parent Group and will use the Parent field on the Group definition to maintain the hierarchy instead of copying members.	false
`uc.ldap.groups.update_members`	IMPORTANT This property should be set to false only when synchronizing Groups from AD, and the number of values for the member attribute exceeds the `MaxValRange` LDAP policy (and the `MaxValRange` cannot be increased). When synchronizing Groups, the default behavior in the Controller is to use the multi-valued member attribute to update the members for a Group; however, AD limits the number of values returned for an attribute, which can result in Group members being removed unexpectedly. This limit is determined by the `MaxValRange` LDAP policy (typically 1,500). When this property is set to false, the Controller will not use the member attribute values to update members when synchronizing Groups from AD. Group membership will continue to be updated based on the memberOf attribute values when synchronizing Users from AD.	true
`uc.ldap.users.synchronize_by_range`	IMPORTANT This property should be set to false only if your LDAP server supports paged results. When synchronizing Users, the default behaviour in the Controller is to search based on ranges, using a filter like (&(uid>=a)(uid<=b)). To use the <= or >= operators in a filter, an ordering rule must be defined for the attribute in the LDAP schema. OpenLDAP's schema does not define an ordering rule for the User Id Attribute (for example, uid), so searches using filters like the above do not return any results. When this property is set to false, the Controller will not search based on ranges when synchronizing Users.	true
`uc.ldap.users.synchronize_indirect`	IMPORTANT This property should be set to true only if your LDAP server does not support the User Membership Attribute (for example, memberOf). Synchronizes LDAP users indirectly based on group membership. This only applies to groups that users are direct members of. When this property is set to true, the following will apply for the LDAP refresh (scheduled and server operations): Users will not be synchronized directly based on the User Filter and User Target OU List. Groups will continue to be synchronized directly based on the Group Filter and Group Target OU List. For each matching group, the Group Member Attribute (for example, member) will be used to synchronize users matching the User Filter and User Target OU List Note The `uc``.ldap.groups.update_members` property will be ignored when indirect user synchronization is enabled. Note There is currently no support for nested groups if the User Membership Attribute is not supported by the LDAP server.	false
`uc.ldap.users.update_memberships_on_login`	IMPORTANT This property should *not* be set to true if group membership for users is static, since there is extra overhead to process the groups, which may impact login performance. When this property is set to true, LDAP group memberships for existing LDAP users are updated upon successful login. Note When dynamically creating a new LDAP user at login, the user will be added only to groups that it is a direct member of. Likewise, when updating an existing LDAP user at login, the user will be removed from any groups that it is not a direct member of. Therefore, it is not recommended that you enable this property if a group hierarchy exists, since the user will be removed from any parent groups when logging in. (Group membership for the parent groups will be restored the next time the LDAP refresh runs; however, this can take up to 24 hours.)	false
For OAuth Single Sign-On:
`uc.oauth.can_provision_local`	Specifies if a user authenticating through OAuth Single Sign-On can be updated using the Access / ID Token if the user was created manually.	false
`uc.oauth.can_provision_any_idp`	Specifies if a user authenticating through OAuth Single Sign-On can be updated using the Access / ID Token of a provider that differs from the provider the user was originally provisioned by.	false
`uc.saml.log.level`	The `saml.log.level` property is used to configure the log level when OAuth Single Sign-On or SAML Single Sign-On is enabled.	INFO
For SAML Single Sign-On:
`uc.saml.log.level`	Configures the log level for the Spring SAML2 Service Provider framework. Options are ALL TRACE DEBUG INFO WARN ERROR For backwards compatibility, property `saml.log.level` is still supported when property `uc.saml.log.level` is not specified.	INFO
`uc.saml.metadata.refresh_interval`	The Identity Provider Metadata refresh interval in milliseconds; minimum = 30000, maximum = 2147483647.	120000
`uc.saml.signature_algorithm_uri`	By default, the saml2:AuthnRequest will be signed using rsa-sha256, though some Identity Providers will require a different algorithm. To configure the algorithm automatically based on the Identity Provider’s metadata, do not specify this property. Alternatively, you can manually override the default configuration by specifying this property.	http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 or as specified by the Identity Provider’s metadata.
`uc.saml.authn_request.force_authn`	Specifies (true of false) whether the Identity Provider should force the user to reauthenticate.	false
`uc.saml.authn_request.want_signed`	Set the WantAuthnRequestsSigned setting, indicating (true or false) the Identity Provider's preference that Service Providers should sign the AuthnRequest before sending. To configure the setting automatically based on the Identity Provider’s metadata, do not specify the property.	Specified by the Identity Provider’s metadata.
`uc.saml.can_provision_local`	Specifies if a user authenticating through SAML Single Sign-On can be updated using the SAML Assertion if the user was created manually.	false
`uc.saml.can_provision_any_idp`	Specifies if a user authenticating through SAML Single Sign-On can be updated using the SAML Assertion of a provider that differs from the provider the user was originally provisioned by.	false
For TrustStore:
`uc.trustmanager.truststore`	Location of the keystore which holds certificates and keys.	properties/cacerts
`uc.trustmanager.truststore.type`	The default TrustStore type. The following case-insensitive values are supported: JKS PKCS12	`KeyStore.getDefaultType()` (PKCS12 as of Java 8)
`uc.trustmanager.truststore.provider`	The default TrustStore provider.	(none)
`uc.trustmanager.truststore.password`	Password (if required) for the keystore that will be replaced by `uc.trustmanager.truststore.password.encrypted` in the `uc.properties` file upon start-up.	changeit
`uc.trustmanager.truststore.password.encrypted`	Encrypted version of `uc.trustmanager.truststore.password` that will replace `uc.trustmanager.truststore.password` in the `uc.properties` file upon start-up.	(none)
For OpenTelemetry: To configure all of your OpenTelemetry settings in the uc.properties, but disable the feature until required, you can add the following property. `uc.otel.sdk.disabled=true` To enable the feature while the controller is running, you only need to set the `uc.otel.sdk.disabled` to `false` by updating the uc.properties, or by using the Server Operation > Temporary Property Change from the user interface. If you choose to update the uc.properties, the controller refreshes the property file at a 10 minute interval. You can increase this interval by adding the following property to the uc.properties. `uc.property.refresh_interval_in_seconds=60` The update from Server Operation > Temporary Property Change initiates the reconfiguration immediately.
`uc.otel.sdk.disabled`	If `true`, disable the OpenTelemetry SDK.	false
`uc.otel.traces.exporter`	If `none`, no traces exporter configured.	otlp
`uc.otel.metrics.exporter`	If `none`, no metrics exporter configured.	otlp
`uc.otel.exporter.otlp.service.name`	Specifies a custom logical name for the service. If left unspecified, the service name is controller.	controller
`uc.otel.exporter.otlp.protocol`	The transport protocol to use on OTLP trace, and metric requests. Options include `grpc` and `http/protobuf`.	grpc
`uc.otel.exporter.otlp.traces.protocol`	The transport protocol to use on OTLP trace requests. Options include `grpc` and `http/protobuf`.	grpc
`uc.otel.exporter.otlp.metrics.protocol`	The transport protocol to use on OTLP metric requests. Options include `grpc` and `http/protobuf`.	grpc
`uc.otel.exporter.otlp.endpoint`	The OTLP traces, and metrics endpoint to connect to. Must be a URL with a scheme of either `http` or `https` based on the use of TLS. If protocol is `http/protobuf` the version and signal will be appended to the path (e.g. `v1/traces`, or `v1/metrics`). For example, `http://localhost:4317` when protocol is `grpc`, and `http://localhost:4318/v1/{signal}` when protocol is `http/protobuf`.	(none)
`uc.otel.exporter.otlp.traces.endpoint`	The OTLP traces endpoint to connect to. Must be a URL with a scheme of either `http` or `https` based on the use of TLS. For example, `http://localhost:4317` when protocol is `grpc`, and `http://localhost:4318/v1/traces` when protocol is `http/protobuf`.	(none)
`uc.otel.exporter.otlp.metrics.endpoint`	The OTLP metrics endpoint to connect to. Must be a URL with a scheme of either `http` or `https` based on the use of TLS. For example, `http://localhost:4317` when protocol is `grpc`, and `http://localhost:4318/v1/metrics` when protocol is `http/protobuf`.	(none)
`uc.otel.exporter.otlp.certificate`	The path to the file containing trusted certificates to use when verifying an OTLP trace, or metric server's TLS credentials. The file should contain one or more X.509 certificates in PEM format.	By default, the host platform's trusted root certificates are used.
`uc.otel.exporter.otlp.traces.certificate`	The path to the file containing trusted certificates to use when verifying an OTLP trace server's TLS credentials. The file should contain one or more X.509 certificates in PEM format.	By default, the host platform's trusted root certificates are used.
`uc.otel.exporter.otlp.metrics.certificate`	The path to the file containing trusted certificates to use when verifying an OTLP metric server's TLS credentials. The file should contain one or more X.509 certificates in PEM format.	By default, the host platform's trusted root certificates are used.
`uc.otel.exporter.otlp.client.key`	The path to the file containing private client key to use when verifying an OTLP trace, or metric client's TLS credentials. The file should contain one private key PKCS8 PEM format.	By default, no client key is used.
`uc.otel.exporter.otlp.traces.client.key`	The path to the file containing private client key to use when verifying an OTLP trace client's TLS credentials. The file should contain one private key PKCS8 PEM format.	By default, no client key file is used.
`uc.otel.exporter.otlp.metrics.client.key`	The path to the file containing private client key to use when verifying an OTLP metric client's TLS credentials. The file should contain one private key PKCS8 PEM format.	By default, no client key file is used.
`uc.otel.exporter.otlp.client.certificate`	The path to the file containing trusted certificates to use when verifying an OTLP trace, or metric client's TLS credentials. The file should contain one or more X.509 certificates in PEM format.	By default, no chain file is used.
`uc.otel.exporter.otlp.traces.client.certificate`	The path to the file containing trusted certificates to use when verifying an OTLP trace server's TLS credentials. The file should contain one or more X.509 certificates in PEM format.	By default, no chain file is used.
`uc.otel.exporter.otlp.metrics.client.certificate`	The path to the file containing trusted certificates to use when verifying an OTLP metric server's TLS credentials. The file should contain one or more X.509 certificates in PEM format.	By default, no chain file is used.
`uc.otel.exporter.otlp.headers`	Key-value pairs separated by commas to pass as request headers on OTLP trace, or metric requests.	(none)
`uc.otel.exporter.otlp.traces.headers`	Key-value pairs separated by commas to pass as request headers on OTLP trace requests.	(none)
`uc.otel.exporter.otlp.metrics.headers`	Key-value pairs separated by commas to pass as request headers on OTLP metrics requests.	(none)
`uc.otel.exporter.otlp.compression`	The compression type to use on OTLP trace, and metric requests. Options include `gzip`.	By default, no compression will be used.
`uc.otel.exporter.otlp.traces.compression`	The compression type to use on OTLP trace requests. Options include `gzip`.	By default, no compression will be used.
`uc.otel.exporter.otlp.metrics.compression`	The compression type to use on OTLP metric requests. Options include `gzip`.	By default, no compression will be used.
`uc.otel.exporter.otlp.timeout`	The maximum waiting time, in milliseconds, allowed to send each OTLP trace, and metric batch.	10000
`uc.otel.exporter.otlp.traces.timeout`	The maximum waiting time, in milliseconds, allowed to send each OTLP trace batch.	10000
`uc.otel.exporter.otlp.metrics.timeout`	The maximum waiting time, in milliseconds, allowed to send each OTLP metric batch.	10000
`uc.otel.exporter.otlp.metrics.temporality.preference`	The preferred output aggregation temporality. Options include `DELTA`, `LOWMEMORY`, and `CUMULATIVE`. If `CUMULATIVE`, all instruments will have cumulative temporality. If `DELTA`, counter (sync and async) and histograms will be delta, up down counters (sync and async) will be cumulative. If `LOWMEMORY`, sync counter and histograms will be delta, async counter and up down counters (sync and async) will be cumulative.	CUMULATIVE
`uc.otel.exporter.otlp.metrics.default.histogram.aggregation`	The preferred default histogram aggregation. Options are: BASE2_EXPONENTIAL_BUCKET_HISTOGRAM EXPLICIT_BUCKET_HISTOGRAM.	EXPLICIT_BUCKET_HISTOGRAM
For Prometheus Metrics:
`uc.prometheus.metrics.uc_history_total.optional_labels`	Specifies optional labels for `uc_history_total` metric. The property value is specified as comma-delimited list of optional labels. Options are: agent_id task_name security_business_services task_instance_exit_code For example: `uc.prometheus.metrics.uc_history_total.optional_labels=agent_id,task_name`	(none)
`uc.prometheus.metrics.uc_task_instance_duration_seconds.optional_labels`	Specifies optional labels for `uc_task_instance_duration_seconds` metric. The property value is specified as comma-delimited list of optional labels. Options are: agent_id task_name security_business_services For example: `uc.prometheus.metrics.uc_task_instance_duration_seconds.optional_labels=agent_id,task_name`	(none)
`uc.prometheus.metrics.uc_task_instance_early_finish_total.optional_labels`	Specifies optional labels for `uc_task_instance_early_finish_total` metric. The property value is specified as comma-delimited list of optional labels. Options are: agent_id task_name security_business_services For example: `uc.prometheus.metrics.uc_task_instance_early_finish_total.optional_labels=agent_id,task_name`	(none)
`uc.prometheus.metrics.uc_task_instance_late_finish_total.optional_labels`	Specifies optional labels for `uc_task_instance_late_finish_total` metric. The property value is specified as comma-delimited list of optional labels. Options are: agent_id task_name security_business_services For example: `uc.prometheus.metrics.uc_task_instance_late_finish_total.optional_labels=agent_id,task_name`	(none)
`uc.prometheus.metrics.uc_task_instance_late_start_total.optional_labels`	Specifies optional labels for `uc_task_instance_late_start_total` metric. The property value is specified as comma-delimited list of optional labels. Options are: agent_id task_name security_business_services For example: `uc.prometheus.metrics.uc_task_instance_late_start_total.optional_labels=agent_id,task_name`	(none)
`uc.prometheus.metrics.uc_task_instance_launch_total.optional_labels`	Specifies optional labels for `metrics.uc_task_instance_launch_total` metric. The property value is specified as comma-delimited list of optional labels. Options are: agent_id task_name security_business_services For example: `uc.prometheus.metrics.uc_task_instance_launch_total.optional_labels=agent_id,task_name`	(none)
`uc.prometheus.metrics.uc_universal_event_total.optional_labels`	Specifies optional labels for `uc_universal_event` metric. The property value is specified as comma-delimited list of optional labels. Options are: agent_id task_name security_business_services For example: `uc.prometheus.metrics.uc_universal_event_total.optional_labels=agent_id,task_name`	(none)
`uc.prometheus.metrics.uc_task_instance_duration_seconds.buckets`	Specifies the buckets to use for the `uc_task_instance_duration_seconds` histogram. The property value is specified as comma-delimited list of double or integer values. For example: `uc.prometheus.metrics.uc_task_instance_duration_seconds.buckets=` `1,2.5,5,10,15,30,45,60,150,300,600,900,1800,2700,3600`	(none)
Other Properties:
`jdk.xml.entityExpansionLimit`	Limits the number of XML entity expansions. Valid values are any positive integer. A value equal to 0 indicates no limit. If `jdk.xml.entityExpansionLimit` is not specified in `uc.properties` (or on start-up with `-Djdk.xml.entityExpansionLimit=<limit>`), Universal Controller will initialize it to a default value of 1. If `jdk.xml.entityExpansionLimit` is specified on start-up with `-Djdk.xml.entityExpansionLimit=<limit>`, this takes precedence over the Universal Controller default value of 1. If `jdk.xml.entityExpansionLimit` is specified in `uc.properties`, this takes precedence over specifying it on start-up with `-Djdk.xml.entityExpansionLimit=<limit>`.	1
`uc.date.formats`	Accepted input date formats for Date Functions and Stored Procedure parameters. For example: `uc.date.formats=yyyy/MM/dd;dd/MM/yyyy`. Formats can vary, but years must be defined with four digits (yyyy). Formats are used on a "first match" basis.
`uc.email.attachments.local.path`	Directory location from where files can be attached for a specific Cluster Node / Server. You must specify a location in this property in order for the Attach Local File field to display in the Email Task and Email Notifications Details. The `uc.properties` file is refreshed every 5 minutes to accommodate changes to this property without requiring a restart. Every 5 minutes, `uc.properties` is read, and if this property value has changed, that new value then will be used within the Controller. This property is local to the Cluster Node and must be specified on each Node based upon the path for that Node. Each Node can have a different path, but they should point to the same shared physical location in order to achieve the expected behavior. Best practices would be to use the same path in each Node.
`uc.action.email_notification.attach_output.subscription.timeout_in_seconds`	Number of seconds for Email Notification output timeout.	180
`uc.keymanager.algorithm`	Java key manager algorithm. For IBM AIX, the value must be IbmX509. For all other platforms, use the default value. If no value is specified, the configured JVM default will be used.
`uc.keymanager.client.alias`	If multiple certificates reside in the keystore that could match the OMS server's certificate request, specifying an alias ensures that the intended client certificate is presented to the OMS server.
`uc.keymanager.keystore`	Location of the keystore which holds certificates and keys.
`uc.keymanager.keystore.password`	Password (if required) for the keystore that will be replaced by `uc.keymanager.keystore.password.encrypted` in the `uc.properties` file upon start-up.
`uc.keymanager.provider`	Java key manager provider. For IBM AIX, the value must be IBMJSSE2. For all other platforms, use the default value. If no value is specified, the configured JVM default will be used.
`uc.logging.appenders`	Location of STDOUT file logging. The property value is specified as comma-delimited list of optional labels. Options are: console file none The default value when not configured will be `file` in order to behave the same as previous releases and would be the same as specifying the following: `uc.logging.appenders=file` For containers, or any situation that does not want logging to go to a rolling file, that want the logging strictly to the console (stdout), the following should be specified in the `uc.properties` file: `uc.logging.appenders=console` If no logging is required, then the following would be specified in the `uc.properties` file: `uc.logging.appenders=none` If the property is specified, but no valid entries above are in the property value, then the default value of `file` is used.	file
`uc.mbean.catalina.manager.name`	The Controller uses the Catalina:type=Manager MBean for the User Sessions feature. To determine the Manager MBean object name, the Controller dynamically determines the context. For example: `Catalina:type=Manager,context=/uc,host=localhost` If the following error appears in the Console while you are using the User Sessions feature, you may need to configure this property manually: `Universal Controller not configured for user session operations.` In the uc.log, you would see the following: `javax.management.InstanceNotFoundException: Catalina:type=Manager,context=/uc,host=localhost`
`uc.node.transient`	Specifies (true or false) if the node is a transient Cluster Node.	false
`uc.oms.service_timeout`	Sets the OMS service timeout value specifying the number of seconds of inactivity before a timeout exception will be thrown. For example, you will see the following in the uc.log: Default (180 seconds) `2021-08-04-21:12:25:542 -0400 INFO [UC.OMS.Monitor.0] Created: OMSServerConnection [userName=null, clientId=ops.controller.f9a86ee2bd5e4928b3173b186e0feb3c, clientInstance=15296bc7-e994-49eb-a6cf-0ecbf72d5f2f, transportAddresses=OMSTransportAddress [[localhost/127.0.0.1:7878]], nft=true, socketTimeout=30, serviceTimeout=180, authenticateServer=false, serverAddress=null, nextSessionId=0, isClosing=false, connectionInstance=1]` uc.oms.service_timeout=300 `OMSServerConnection [userName=null, clientId=ops.controller.f9a86ee2bd5e4928b3173b186e0feb3c, clientInstance=96e45eb5-c513-489a-8746-6223e962e901, transportAddresses=OMSTransportAddress [[localhost/127.0.0.1:7878]], nft=true, socketTimeout=30, serviceTimeout=300, authenticateServer=false, serverAddress=null, nextSessionId=0, isClosing=false, connectionInstance=1]`	180
`uc.overdue.timer.startup.threshold`	Maximum number of days after which an overdue trigger is considered "stale/expired."	2
`uc.servlet.port`	Port number used by Tomcat.	8080
`uc.task.sap.credential_type.required.compatibility_mode`	If the SAP Credential Type Required system property is enabled, specifies (true or false) if an SAP Task will continue to run (instead of ending in Start Failure) when referencing a non-SAP-type Credential (at the task level SAP Credentials or job step level SAP User Credentials).	false
`uc.task.sap.rpc.timeout`	Sets the timeout value in seconds for the SAP RPC calls.	120
`uc.task.sap.username.restricted.compatibility_mode`	If the SAP User Name Restricted system property is enabled, specifies (true or false) if an SAP Task will continue to run (instead of ending in Start Failure) when a job step specifies an SAP User Name.	false
`uc.task.zos.view_edit_jcl.timeout`	Sets the JCL service timeout value specifying the number of seconds to wait for the agent response before a timeout exception will be thrown.	60
`uc.trustmanager.algorithm`	Java trust manager algorithm. For IBM AIX, the value must be IbmX509. For all other platforms, use the default value.	SunX509
`uc.trustmanager.provider`	Java trust manager provider. For IBM AIX, the value must be IBMJSSE2. For all other platforms, use the default value.	SunJSSE
`uc.trustmanager.ssl.protocols`	Comma-separated list of SSL/TLS protocols that can be used for Controller/OMS communications. If the property does not contain a protocol list, a default SSL/TLS context will be referenced for building the SSL/TLS socket used for Controller/OMS communications. If the property is used, only those protocols will be enabled for the Controller/OMS session. If the property is not used, only the protocols specified in currently configured default SSL/TLS Context's default SSL/TLS protocol list will be enabled for the Controller/OMS session.
`uc.ui.session_timeout`	Default browser session timeout, in minutes. To use the Tomcat session configuration (default 30 minutes), set this property to 0.	30
`uc.web_service.allow_unknown_properties`	Specifies (true or false) whether web service APIs will fail if the request payload contains unknown properties.	false
`uc.web_service.httpclient.socket.keep_alive`	Specifies (true or false) whether TCP socket keep-alive option is enabled for HTTP(S)/REST Web Service Tasks.	false

Secrets Provider Properties

The uc.db.secrets_provider property specifies which secrets provider the controller will use for the database password.

The controller will then load all the properties associated with the specified provider.

The properties that will be loaded by the controller for each provider are listed below.

AWS Secrets Manager

Property Name	Required	Description
`uc.db.secrets_provider.aws_secrets_manager.access_key_id`	true	The AWS access key, used to identify the user interacting with AWS.
`uc.db.secrets_provider.aws_secrets_manager.secret_access_key`	true	The AWS secret access key, used to authenticate the user interacting with AWS.
`uc.db.secrets_provider.aws_secrets_manager.region`	true	The region name (e.g., us-east-1).
`uc.db.secrets_provider.aws_secrets_manager`.`secret_id`	true	The ARN or name of the secret to retrieve.
`uc.db.secrets_provider.aws_secrets_manager`.`secret_password_key`	false	If this secret was created by using the console, then Secrets Manager stores the information as a JSON structure of key/value pairs. Specifies the key for the password in the JSON structure. If left unspecified, the password will evaluate to the entire secret value.
`uc.db.secrets_provider.aws_secrets_manager.secret_passphrase_key`	false	Specifies the key for the passphrase in the JSON structure. If left unspecified, the passphrase will be undefined.
`uc.db.secrets_provider.aws_secrets_manager`.`secret_token_key`	false	Specifies the key for the token in the JSON structure. If left unspecified, the token will be undefined.
`uc.db.secrets_provider.aws_secrets_manager`.`cache_ttl`	false	The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 3600 seconds / 1 hour)

Azure Key Vault

Property Name	Required	Description
`uc.db.secrets_provider.azure_key_vault.key_vault_name`	true	The name of the Key Vault used to build the vault URL to send HTTP requests to. https://<your-key-vault-name>.vault.azure.net
`uc.db.secrets_provider.azure_key_vault.secret_name`	true	The name of the secret.
`uc.db.secrets_provider.azure_key_vault.client_id`	true	The client (application) ID.
`uc.db.secrets_provider.azure_key_vault.tenant_id`	true	The Azure Active Directory tenant (directory) Id.
`uc.db.secrets_provider.azure_key_vault.client_secret`		The client secret used to authenticate. Only one of CLIENT_SECRET, CLIENT_ASSERTION, PEM_CERTIFICATE, or PFX_CERTIFICATE can be specified.
`uc.db.secrets_provider.azure_key_vault.client_assertion`		The client assertion used to authenticate. Only one of CLIENT_SECRET, CLIENT_ASSERTION, PEM_CERTIFICATE, or PFX_CERTIFICATE can be specified.
`uc.db.secrets_provider.azure_key_vault.pem_certificate`		The path of the PEM certificate used for authenticating. Only one of CLIENT_SECRET, CLIENT_ASSERTION, PEM_CERTIFICATE, or PFX_CERTIFICATE can be specified.
`uc.db.secrets_provider.azure_key_vault.pfx_certificate`		The path of the PFX certificate used for authenticating. Only one of CLIENT_SECRET, CLIENT_ASSERTION, PEM_CERTIFICATE, or PFX_CERTIFICATE can be specified.
`uc.db.secrets_provider.azure_key_vault.pfx_certificate_password`		The password for the PFX certificate. Required if the PFX_CERTIFICATE is specified.
`uc.db.secrets_provider.azure_key_vault.cache_ttl`	false	The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 28800 seconds / 8 hours)

CyberArk Credential Provider

Property Name	Required	Description
`uc.db.secrets_provider.cyberark_credential_provider.application_id`	true	The unique ID of the application issuing the password request.
`uc.db.secrets_provider.cyberark_credential_provider.safe`	true	The name of the Safe where the password is stored.
`uc.db.secrets_provider.cyberark_credential_provider.folder`	true	The name of the folder where the password is stored.
`uc.db.secrets_provider.cyberark_credential_provider.object`	true	The name of the password object to retrieve.
`uc.db.secrets_provider.cyberark_credential_provider.reason`	false	The reason for retrieving the password.
`uc.db.secrets_provider.cyberark_credential_provider.cache_ttl`	false	The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5 seconds)

CyberArk Central Credential Provider

Property Name	Required	Description
`uc.db.secrets_provider.cyberark_central_credential_provider.host`	true	The hostname of the Central Credential Provider.
`uc.db.secrets_provider.cyberark_central_credential_provider.port`	true	The port of the Central Credential Provider.
`uc.db.secrets_provider.cyberark_central_credential_provider.application_id`	true	The unique ID of the application issuing the password request.
`uc.db.secrets_provider.cyberark_central_credential_provider.safe`	true	The name of the Safe where the password is stored.
`uc.db.secrets_provider.cyberark_central_credential_provider.folder`	true	The name of the folder where the password is stored.
`uc.db.secrets_provider.cyberark_central_credential_provider.object`	true	The name of the password object to retrieve.
`uc.db.secrets_provider.cyberark_central_credential_provider.keystore`	true	The path of the keystore containing the client certificate used for authenticating.
`uc.db.secrets_provider.cyberark_central_credential_provider.keystore_password`	false	The password used to unlock the keystore.
`uc.db.secrets_provider.cyberark_central_credential_provider.keystore_type`	false	The type of keystore. (default PKCS12) JKS The proprietary keystore implementation provided by the SUN provider. PKCS12 The transfer syntax for personal identity information as defined in PKCS #12.
`uc.db.secrets_provider.cyberark_central_credential_provider.keystore_alias`	false	The name of a specific entry in the keystore to use.
`uc.db.secrets_provider.cyberark_central_credential_provider.cache_ttl`	false	The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5 seconds)

Sample uc.properties File

# DB
uc.db.rdbms=mysql
uc.db.url=jdbc:mysql://localhost/
# MYSQL
# uc.db.mysql.character_encoding=UTF-8
# uc.db.rdbms=mysql
# uc.db.url=jdbc:mysql://localhost/
# MS SQLSERVER
# uc.db.rdbms=sqlserver
# uc.db.url=jdbc:sqlserver://localhost:1433;DatabaseName=uc
# ORACLE
# uc.db.rdbms=oracle
# uc.db.url=jdbc:oracle:thin:@//localhost:1521/@oracle.db.name@
#
# COMMON
#
# trust manager algorithm & provider
# uc.trustmanager.algorithm=SunX509
# uc.trustmanager.provider=SunJSSE
# uc.trustmanager.ssl.protocols=TLSv1,TLSv1.1,TLSv1.2
#
uc.db.user=root
uc.db.password=pswd
uc.db.name=uc
uc.servlet.port=8080
uc.ui.session_timeout=30

Universal Controller System Properties

Properties for your Universal Controller system are set (in the Controller database) during Controller installation. These properties let you define Controller system information and performance.

Universal Controller system properties do not reside in a properties file; they are available only via the user interface.

Although you can reset these properties any time after the Controller is in operation without having to stop and restart the Controller, you should click the Reload current page icon in your browser taskbar after resetting a property.

Note

You must be assigned the ops_admin role in order to reset these properties.

Step 1	From the Available Services, select Administration > Properties. The Properties list displays.
Step 2	If you want to change the value of a property, click a its Value field and select/enter a new value.
Step 3	To filter the list of displayed properties, enter appropriate characters (not case-sensitive) in the empty fields above the Name and/or Value columns. For example, to display only properties elated to promotion, enter promotion (or PROMOTION, promo, etc.) in the empty field above the Name column.

The following table describes the Universal Controller system properties:

Name (Property Name)	Description	Default
Administrator Email Address (uc.admin.email_addr)	System administrator email address(es) specified as the recipient(s) for System Notifications. Addresses for multiple administrators should be specified in a comma-separated list.	(none)
Agent Address Information Restricted (uc.agent.address_info_restricted)	Specification (true or false) for whether or not to hide the IP address of an Agent from non-Administrator (ops_admin) users. If the property is set to true and the user is a non-Administrator, the IP Address field of Agents will display ***** instead of the actual value for that user.	true
Agent Cache Retention Period in Days (uc.agent.cache.retention)	Number of days that cache files (stdout, stderr) are retained by the system.	7
Agent Cluster Network Alias Cache Retention In Minutes (uc.agent_cluster.network_alias.cache_retention_in_minutes)	Amount of time (in minutes) that a resolved Network Alias will be used before attempting to resolve it again.	30
Agent Cluster Network Alias Retry Interval In Minutes (uc.agent_cluster.network_alias.retry_interval_in_minutes)	Amount of time (in minutes) before automatically retrying the Network Alias resolution upon failure.	5
Agent Cluster Network Alias Uquery Port (uc.agent_cluster.network_alias.uquery_port)	Default port for an Agent Cluster with a Distribution method of Network Alias if no Agent Port is specified.	7887
Agent Credentials Required (uc.agent.credentials.required)	Specification (true or false) for whether or not Credentials are required for agent-based tasks and Application Resources.	false
Agent Credentials Required On Registration (uc.agent.credentials.required.registration)	Specification (Windows, Linux/Unix, z/OS) for whether the agent has to use the credentials or not.	(none)
Agent Heartbeat Grace Period in Seconds (uc.agent.heartbeat.grace_period_in_seconds)	Grace period in seconds (minimum 30, maximum 600) that the Controller will allow for a delayed heartbeat message.	60
Agent Heartbeat Interval in Seconds (uc.agent.heartbeat.interval.in.seconds)	Number of seconds between each heartbeat message sent by the agent to the Controller.	120
Agent Notification Disabled If Suspended (uc.agent.notification.disable_if_suspended)	Specification (true or false) for whether or not Agent notifications will not be processed (true) when a suspended Agent goes active/offline.	false
Agent Prefix (uc.agent.prefix)	Prefix appended to the Queue name for newly registered agents. A 4-digit number is appended to this prefix.	AGNT
Allow In Doubt Re-run (uc.task_instance.rerun.allow_in_doubt)	Specification (true or false) for whether or not the Controller will allow the re-run of a task instance if it is in the In Doubt status.	true
Audit Owner Read Permitted (uc.audit.owner.read.permitted)	Specifies if users without the `ops_admin` role or the `ops_audit_view` role can view their own audits, specifically, any audit indicating it was Created By their User Id (Username).	true
Autofit Plain Large Text Fields (uc.universal_template.text_field.large.plain.auto_fit)	Specification (true or false) for whether or not the Controller will auto-fit Universal Task Large Text Fields when Text Type is Plain.	true
Automatically Create Versions (uc.version.automatically)	Specification (true or false) for whether or not the Controller will retain copies of previous versions. Affects system behavior when you make updates to records in your Controller database, such as changing a task definition.	true
Automatically Skip Conflicting Multi-Origin Paths (uc.workflow.skip_conflicting_multi_origin_paths)	Specification (true or false) for whether or not the Controller will automatically skip a task (within a workflow) that is connected to multiple predecessor tasks, where one or more of the predecessor tasks would cause the task to be run and one or more would cause the task to be skipped.	false
Banner Background Color (uc.banner.background_color)	Hexadecimal color code for the color of the Universal Controller user interface page banner. Valid values are #[0-9, a-f, A-F] (six characters) or transparent.	transparent For transparent, color will be based on Theme.
Banner Logo (uc.banner.logo)	Name of the Banner Logo file to use in the Universal Controller user interface page banner (next to the Stonebranch logo). Enter the name of the logo file, excluding the path, from directory `../tomcat/uc_images/`. Valid logo files end in extension .png, .jpg, or .gif. Note The banner logo is allocated a maximum width of 298px and a maximum height of 32px. The image will be scaled, preserving its ratio, to fit within its designated area.	(none)
Banner Logo URL (uc.banner.logo_url)	URL of a web resource that you want the Banner Logo to link to. The URL must begin with `http://`, `https://`, or `ftp://` and contain no spaces. (Banner Logo URL is not a valid URL.)	(none)
Broadcast On Hold If Cluster Suspended (uc.cluster_broadcast.hold_on_suspended)	Specification (true or false) for whether or not cluster broadcast tasks will be run if the agent cluster selected for the broadcast has been suspended.	true
Broadcast On Hold If Cluster Unresolved (uc.cluster_broadcast.hold_on_unresolved)	Specification (true or false), for a task instance defined within a worfklow, if a broadcast cluster is specified, and Universal Controller is unable to find the broadcast cluster by id, or unable to resolve the broadcast cluster variable, or the Execution User cannot read the cluster due to security constraints, that the task instance should be Held, with an appropriate Hold Reason, rather than the instance becoming Undeliverable only when eligible to run.	true
Bulk Export Activity Permitted (uc.bulk_export.activity.permitted)	Specification (true or false) for whether or not to permit the Bulk Export Activity server operation to be run.	false
Bundle Exclude On Existence Picker Default (uc.bundle.exclude_on_existence.picker.default)	Default selection for the Exclude on Existence field in both the Bundle Details for a new Bundle and the Promote dialog when promoting one or more individual records, which identifies record types in the promotion payload that will not be updated if they exist on the target server. Use the Shift and/or Ctrl keys to select multiple record types.	(none)
Bundleless Promotion With Execute Permission Permitted (uc.promotion.bundleless.execute_permission.permitted)	Specifies whether or not a bundleless promotion should be limited to users with the ops_promotion_admin role, or if users with promotion target Execute permission should be permitted to perform a bundleless promotion.	false
Business Service Visibility Restricted (uc.bsrvc.visibility_restricted)	Specifies (true or false) if drop-down menus for selecting a Business Service, such as Member of Business Services, should be restricted to displaying only those Business Services for which a user has an assigned or inherited Permission or relevant Roles. If a user has any Permission, directly assigned or inherited, with Member of Any Business Service or Unassigned selected, the user will have no Business Service visibility restrictions. If user is assigned a Permission, directly assigned or inherited, with Not Member of Specific Business Services or Unassigned or Not Member of Specific Business Services selected, then visibility will be granted for every Specific Business Service not specified. For any Permission that the user has, directly assigned or inherited, with an explicit Business Service specified for Member of Business Services, visibility for that specific Business Service will not be restricted. The following Roles, directly assigned or inherited, provide a user with unrestricted Business Service visibility. ops_admin ops_agent_cluster_admin ops_bundle_admin ops_dba ops_email_admin ops_oms_admin ops_peoplesoft_admin ops_promotion_admin ops_sap_admin ops_service ops_snmp_admin ops_user_admin Note In cases where the user can Read a record that is a member of one or more Business Services, and visibility for one or more of those Business Services is restricted for that user, the user will be able to see the display name of those Business Services in the Member of Business Services field; however, the drop-down will not contain those Business Services for selection. Any attempt to modify the selection of the Member of Business Services field will result in the removal of restricted Business Services from the selection.	false
Calendar Preview Past Period In Months (uc.calendar.preview.past.months)	Number of months (going backwards) to show all Custom Days defined for a calendar in a Calendar Preview.	3
Calendar Preview Future Period In Years (uc.calendar.preview.years)	Number of years (starting from the end of the current year) to show all Custom Days defined for a calendar in a Calendar Preview.	2
CLI/Web Service Result Limit (uc.cli.result_limit)	Maximum number of records that can be retrieved (or matched) for the following: CLI List APIs excluding List Predecessors / Successors of a Task Instance in a Workflow CLI CLI APIs for limiting matches: Launch a Task Export Trigger Disable a Trigger Enable a Trigger Launch Trigger Tasks Now Web Service List APIs: List Task Instances List Task Instances - Advanced List Tasks List Tasks - Advanced List Triggers List Triggers - Advanced List Virtual Resources List Virtual Resources - Advanced List Variables List Variables - Advanced	1000
Client Export Fetch Limit (uc.export.client.fetch_limit)	Number of records to pre-fetch before performing an export to CSV, PDF, XLS (Excel), or XLSX. Before performing an export, the client will attempt to pre-fetch all list grid data. If after the pre-fetch, the list grid does not contain all matching rows, a warning displays, before continuing with the export, indicating that the export doesn't contain everything.	1000
Compress Bundle Promotion Payload (uc.bundle.payload_compression)	Specification (true or false) for whether or not the Controller will compress record bundles during a promotion.	false
Confirm Enable/Disable Trigger Command (uc.user.confirm.enable.disable.trigger.default)	Specification (yes or no) for whether or not a confirmation pop-up displays if a user selects to enable or disable a trigger.	yes
Confirm Exit (uc.browser.confirm_exit)	Specification (true or false) for whether or not a confirmation pop-up displays if a user navigates away from the Universal Controller user interface (or closes the browser without logging out).	true
Confirm Update For Tasks In Workflows (uc.task.confirm.workflow_update)	Specification (true or false) for whether or not a user, when updating a task, is prompted with a Confirmation dialog listing all Workflows containing that task, since those Workflows could be impacted by the task update.	false
Continue Monitoring Completed Workflows in Workflow Monitor (uc.workflow_monitor.monitor_completed)	Specification (true or false) for whether or not the Controller will continue monitoring completed Workflows in the Workflow Monitor.	false
Create Version On Related List Change (uc.version.on.related.list.change)	Specification (true or false) for whether or not a record version will be created if the user changes a record associated with the current record. For example, if true, the Controller will create a version of the task when the user changes a task variable.	true
Critical Path Calculations Permitted (uc.cp.calculations.permitted)	Specification (true or false) for whether or not a user can use the Critical Path feature of the Controller. If this property is true: The Toggle Critical Path View displays in the Workflow Monitor Toolbar. The Calculate Critical Path field displays in the Workflow Details. If this property is false: The Toggle Critical Path View does not display in the Workflow Monitor Toolbar. The Calculate Critical Path field does not display in the Workflow Details, either to view or modify. If this property changes from false to true, logged-in users must log off/on to use the Critical Path feature. If this property changes from true to false, the Critical Path feature will not be honored. However, Workflow Details will be preserved.	false
Critical Path Color (uc.cp.color)	Hexadecimal color code for the color of the vertices and edges along the Critical Path displayed within the Workflow Monitor while in Critical Path view. Valid values are #[0-9, a-f, A-F] (six characters).	#FF0000 (red)
Critical Path Dynamic Calculation Threshold In Seconds (uc.cp.calculations.dynamic.threshold_in_seconds)	When a task instance completes, if the difference between its end time and its projected end time is greater than or equal to the threshold specified in seconds, a critical path recalculation event will be dispatched. Valid values are 0-600.	0
Critical Path Monitor Polling Interval In Seconds (uc.cp.monitor.polling.interval_in_seconds)	Interval (in seconds) in which that Universal Controller queries for task instances with a status greater than WAITING, and less than SKIPPED, and have elapsed their projected end time. Valid values are 60+.	300
Critical Path Monitor Polling Threshold In Seconds (uc.cp.monitor.polling.threshold_in_seconds)	Threshold (in seconds) that Universal Controller uses to determine if a task instance has elapsed its projected end time when polling. Valid values are 60+.	60
Critical Path Projected Late Action Maximum (uc.cp.projected_late.action.maximum)	Number of times that a task instance can invoke Actions On Projected Late before being muted. As a task instance Projected End Time changes, the Projected Late flag can be set and cleared multiple times. In such situations, this property limits the number of Actions being performed On Projected Late, such as Email Notifications, for a particular instance.	5
Critical Path Projected Late Threshold In Minutes (uc.cp.projected_late.threshold_in_minutes)	Threshold beyond the Late Start Time, Late Start Duration, or Late Finish Time that the projected time must exceed in order for the task instance to be flagged as Projected Late.	5
Custom Day Global Permitted (uc.custom_day.global.permitted)	Specification (true or false) for whether to enable (true) or disable (false) global Custom Days. Note You cannot set Custom Day Global Permitted to false if there are any existing global Custom Days.	true
Custom Day Local Indicator Enabled (uc.custom_day.local_indicator.enabled)	Specification (true or false) for whether to enable (true) or disable (false) the Local Custom Day indicator ({L}) for Trigger and Composite Trigger components, Task Run Criteria, and Calendar Preview.	true
Custom Day Strict Mode (uc.custom_day.strict.mode)	Specification (true or false) for whether or not a Custom Day referenced in the Complex section of Task Run Criteria for a task in a workflow must belong to the Calendar in use at run time.	false
Data Backup/Purge Export Path (uc.backup.path)	Export path to use instead of the default export path (`uc_backups` under the Tomcat directory) for Data Backup/Purge operations.	(none)
Deployment Wait For Running Instances Timeout In Seconds (uc.extension.deployment.wait_timeout_in_seconds)	Specifies the number of seconds to wait before failing the tasks waiting for the deployment.	600
Disable Tab Indicators (uc.disable.tab.indicators)	Specification (true or false) for whether or not to disable the tab icons that indicate if tabs contain (green icon) or do not contain (gray icon) records.	false
Email Body Default Begin Marker (uc.email.body_begin_marker)	Default Begin Marker for Email Monitor Body Variables field.	- - BEGIN - -
Email Body Default End Marker (uc.email.body_end_marker)	Default End Marker for Email Monitor Body Variables field.	- - END - -
Email Credentials Permitted (uc.credentials.email.permitted)	Specification (true or false) for whether or not to enable the use of Email Credentials.	true
Email Monitor Polling Interval In Seconds (uc.email.monitor.polling.interval_in_seconds)	Number of seconds between each poll of a Mailbox Folder by an Email Monitor task.	120
Email Notification Audit (uc.email.notification.audit)	Specification (Success/Failed or Failed) for how to identify an Email Notification audit.	(none)
Exclude Holidays for Business Days (uc.calendar.exclude_holidays)	Specification (true or false) for whether or not the Controller will consider a Business Day on which a holiday falls as a non-Business Day. If true, holidays that fall on Business Days are considered non-Business Days. If false (the default), holidays that fall on Business Days are considered Business Days. For example, if the default value (false) is used, and a job is defined to run on Business Days, the job will run on Christmas Day, even though it is a holiday. This behavior applies to Triggers, Task Run Criteria, and JavaScript functions that operate on Business Days, and provides a means to avoid having to specify a restriction or skip criteria for holidays.	false
Expand Lists Automatically (uc.lists.expand_automatically.default)	Specification (Yes or No) for whether or not to Expand Lists by Default in the List / Details views.	No
Export Agent References (uc.export.agent_references)	Specification (true or false) for whether or not the Controller will export referenced Agents when exporting definition XMLs with the Export References feature.	false
Export Path (uc.export.path)	Pathname where exported XML files are written. All cluster nodes use their own local system default export path. You should set a value for Export Path only if the path is writable by all cluster nodes. Note Any bulk import or list import of an Export Path property (from version 6.1.1.0 or earlier) will result in the server resetting the database back to the default "unset" Export Path value. Both bulk export and list export will first look for a configured Export Path property. If a value has not been set, they will use the local system default path of `<tomcat>/uc_export`.	(none)
Expose UDM Script (uc.infitran.expose_script)	*For debugging use only.* Specification (true or false) for whether or not the Controller prepares a script when it launches a file transfer on a UDM installation. If troubleshooting is necessary, enabling this property allows you to view the script in the Output tab on the task instance.	false
Expose Resolved Script (uc.script_library.expose_resolved_script)	Specification (true or false) for whether or not to generate a SCRIPT output type capturing the resolved contents of the Scripts script for each task instance run attempt that utilizes a script from the Scripts. This property only applies to Scripts defined with the Resolve UAC Variables option checked. Any user with the task instance Read permission for a specific task instance will be able to view the SCRIPT output type content for that specific instance. To avoid generating unnecessary output, we recommend enabling this property only for debugging purposes. The unresolved script content can always be viewed from Scripts. For Enhanced View SAP Tasks, Specification (true or false) for whether or not to generate a SCRIPT output type capturing the resolved content of the generated SAP Definition Script for each task instance run attempt of an Enhanced View SAP task. To avoid generating unnecessary output, we recommend enabling this property only for debugging purposes.	false
File Transfer Task Exclude Protocols (uc.task.file_transfer.exclude_protocols)	Specification for which protocols will be excluded from the Transfer Protocol field in the File Transfer Task Details: FTP SFTP UDM FTPS FTPES You can select multiple, but not all, protocols. Also, you cannot exclude a protocol if it is specified in the Transfer Protocol field for any exisitng File Transfer Task or Task Instance.
Flatten Reference List Fields In Chart Reports (uc.report.flatten_references)	Specification (true or false) for whether or not to flatten Business Services in Chart reports when grouping by Member of Business Services.	false
Forecast Period in Days (uc.forecast.days)	Number of days to be included in a trigger forecast. See Displaying Trigger Forecast Information.	31
Inherit Actions On Defined For Insert Task (uc.inherit_actions.on_defined.insert_task)	Specification (true or false) for whether or not a task inserted into a Workflow, whose initial inserted status will be Defined, will perform inherited Workflow Actions for the Defined status.	false
LDAP Synchronization Enabled (uc.security.ldap.enabled)	Specification (true or false) for whether or not LDAP synchronization is enabled. This allows you to retain your LDAP Settings while using or not using LDAP authentication, as desired.	false
License Key (uc.license)	License key for your installation; provided to you by your Universal Controller representative.	(none)
List Qualifying Times Format (uc.trigger.date.format.display)	Format that you want the Controller to use when listing qualifying times for Time and Cron Triggers. See List Qualifying Times.	EEEEE, MMMMMMM dd, yyyy HH:mm:ss z Z
Log File Retention Period in Days (uc.log.retention)	Number of days that the Controller retains its log files.	5
Log Level (uc.log.level)	Level of logging for the Controller: ALL TRACE DEBUG INFO WARN ERROR	INFO
Login Disclaimer (uc.login.disclaimer}	Allows for the specification of free-form text to be displayed at the bottom of the Universal Automation Center Login page.	(none)
Login Notification (uc.login.notification}	Allows for the addition of a pop-up to be displayed on the Universal Automation Center Login page.	(none)
Maximum Extension Deployment Threads (uc.extension.deployment.max_threads)	Maximum number of concurrent threads to handle extension deployments; minimum =1, maximum = 20.	5
Maximum Nested Variable Depth (uc.variable.maximum_depth)	Maximum number of nested variables allowed.	25
Maximum Nested Variable Expansion (uc.variable.maximum_expansion)	Maximum number of nested variable characters allowed.	250000
Maximum Processing Threads (uc.threads.max)	Maximum number of processing threads used.	1000
Maximum Timer Threads (uc.timer.threads.max)	Maximum number of timer threads used.	300
Navigation Auto Collapse (uc.navigation.auto_collapse.default)	Specification (Yes or No) for whether or not the side Navigation Menu on the Home Dashboard collapses by default.	Yes
Navigation Bar Auto Collapse (uc.navigation.bar.auto_collapse.default)	Specification (Yes or No) for whether or not the side Navigation Bar collapses by default.	No
Node Time Display (uc.node_time.display.default)	Specification (Yes or No) for whether or not the User Task Bar will display the Cluster Node time by default.	Yes
Node Time Display Background Color (uc.node_time.display.background_color.default)	Default color to use for the Cluster Node time field background in the User Task Bar.	White
Node Time Display Color (uc.node_time.display.color.default)	Default color to use for the Cluster Node time field in the User Task Bar.	Black
Node Time Display Time Zone (uc.node_time.display.tz.default)	Specification (true or false) for whether to display the time zone of the Server or the User in the Cluster Node time field in the User Task Bar.	Server
OMS Log Level (uc.oms.log.level)		INFO
Open Telemetry Visualization In IFrame (uc.otel.visualization_url.iframe)	Specification (true or false) for whether the Open Telemetry Visualization URL will open in an iframe embedded within a controller application tab (default) or open in a new browser tab.	true
Open Telemetry Visualization URL (uc.otel.visualization_url)	When an Open Telemetry Visualization URL is specified, the Details > Show Trace right-click menu action for a task instance will open the trace visualization URL in an iframe and or new browser tab, depending on the configuration of Open Telemetry Visualization In IFrame. The following tokens are supported within the trace visualization URL. `${traceId}` `${spanId}` The URL will be resolved using the specific trace id and span id associated with the task instance. For example, `https://hostname:port/trace/${traceId}?uiFind=${spanId}&uiEmbed=v0 → https://hostname:port/trace/a629c8a23114d1a6fafc03291c672f68?uiFind=eb17913c4fa001f9&uiEmbed=v0` This is only applicable if you have configured an Open Telemetry Trace exporter.	(none)
Operational Memo Reset On Re-run uc.task_instance.operational_memo.reset_on_rerun	Specification (true or false) for whether or not to reset the Operational Memo field on a task instance re-run.	true
Perform Actions On Defined For Tasks Within Skipped Workflow (uc.perform_actions.on_defined.tasks_within_skipped_wf)	Specification (true or false) for whether or not tasks within a workflow that is being skipped due to trigger-time run criteria should perform Actions on Defined status and evaluate their own run criteria.	false
Perform Actions On Defined Workflow First (uc.perform_actions.on_defined.wf_first)	Specification (true or false) for whether or not to allow a workflow, on Defined status, to process its own Actions prior to processing any Actions for its children task instances on Defined status. This might be leveraged if, on Defined status, a workflow initializes a variable using the Set Variable Action, and a child task instance, also on Defined status, leverages that same variable in its own Set Variable Action.	false
Perform Actions On Halt (uc.perform_actions.on_halt)	Specification (true or false) for whether or not to allow the triggering of notifications for a task instance status change to Finished when issuing a Force Finish (Halt) or Force Finish/Cancel (Halt) command.	true
Picker Fetch Limit (uc.picker.fetch_limit)	Fetch limit for all picker windows; minimum =200, maximum = 1000. For example, the value of this property determines how many tasks can be fetched at any one time for stonebranchbundle-01.	200
Platform Log Level (uc.platform.log.level)	Level of logging for the user interface framework: ALL TRACE DEBUG INFO WARN ERROR OFF	WARN
Promote By Business Service Membership Permitted (uc.bundle.promote_by_bsrvc_membership.permitted)	Specification (true or false) for whether or not you can promote a Bundle by Business Service Membership. You cannot set this property to false if the Promote Members of Business Services or Visible To field in any Bundle records has a non-empty value. Also, if the proparty is set to false: If the Promote Members of Business Services or Visible To field in a Bundle record has a non-empty value, Bundle promotion (including schedule Bundle promotion) is prohibited for that record. If the Promote Members of Business Services and Visible To field in a Bundle reocrd has an empty/blank value, the Promote By Business Service Membership section will be hidden for this record.	true
Promotion Follow References Permitted (uc.promotion.follow_references.permitted)	Specification (true or false) for whether or not to permit utilizing follow reference option for Promotion.	true
Promotion Follow Report References (uc.promotion.report.follow_references)	Specification (true or false) for whether or not to promote referenced reports in an email task or email notification when Follow References is true for the promotion.	true
Promotion History Retention Period in Days (uc.promotion_history.retention)	Number of days that the Controller retains Promotion History.	60
Promotion Schedule Retention Period In Days (uc.promotion_schedule.retention)	Number of days that a Promotion Schedule will remain available after the promotion has completed successfully.	7
Promotion Validate Report References (uc.promotion.report.validate_references)	Specification (true or false) for whether or not to implement report-related promotion validation. This property applies to the target system to which a promotion payload is being promoted.	true
Purge Activity By Primary Key Limit (uc.backup.purge_by_primary_key.limit)	Number of task instances to purge per transaction while performing the Activity purge (by primary key).	500
Purge All Non-Default Users And Groups Permitted (uc.purge.non_default_users_and_groups.permitted)	Specification (true or false) for whether or not to allow the Purge All Non-Default Users And Groups Server Operation to be run.	false
Purge Dates From Custom Day List Older Than (uc.custom_day.purge_dates_older_than)	Number of days old (1-999) that a date in a Custom Day List of Dates will cause it to be purged automatically.	(none)
Re-run (Suppress Intermediate Failures) Permitted (uc.task_instance.rerun.suppress_intermediate_failures.permitted)	Specification (true or false) for whether or not you can manually Re-run a task instance specifying that intermediate failures be suppressed.	true
Reconcile Built-In Universal Template Changes On Promotion (uc.promotion.universal_template.system_template.reconcile_changes)	Controls the promotion behavior when promoting a Universal Task based on a built-in Universal Template that has changed.	false
Record New In Tab (uc.record.new_in_tab.default)	Specification (Yes or No) for whether or not to display the new record editor under a new tab when clicking on the following icons: for non-related record list from the Services menu New Task... in workflow editor Click here to see list of affected record types... Agent Cluster Task Trigger Application Back up & Purge Bundle Bundle Target Calendar Credentials Custom Day Database/Email/Peoplesoft/SAP Connection Email Template Business Services Filter OAuth Client Oms Server Report Script Simulation Universal Event Template Universal Template User Group Global Variable Virtual Resource Webhook Task Instance Audit Agent Promotion History Item Trigger Forecast History Widget Color Promo History Promo Schedule Cluster Node Version (of the above types)	No
Record Open In Tab (uc.record.open_in_tab.default)	Specification (Yes or No) for whether or not to display the record Details under a new tab when double clicking (or clicking on the icon) for a record in the following cases: Any non-related record list Workflow tree Workflow timeline Click here to see list of affected record types... Agent Cluster Task Trigger Application Back up & Purge Bundle Bundle Target Calendar Credentials Custom Day Database/Email/Peoplesoft/SAP Connection Email Template Business Services Filter OAuth Client Oms Server Report Script Simulation Universal Event Template Universal Template User Group Global Variable Virtual Resource Webhook Task Instance Audit Agent Promotion History Item Trigger Forecast History Widget Color Promo History Promo Schedule Cluster Node Version (of the above types)	No
Recurring Task Launch Skip Condition Default (uc.recurring.task.skip_condition.default)	Default value of the Task Launch Skip Condition field for a Recurring Task: None Active Active By Recurring Task Instance	None
Recurring Task Minimum Frequency In Seconds (uc.recurring.task.minimum_frequency_in_seconds)	Minimum duration, in seconds, that a Recurring Task can have for a Recurrence Interval. The minimum value is 0.	5
Reference New In Tab (uc.reference.new_in_tab)	Specifies whether to use the currently defined system default, or to select Yes or No, for whether or not to display the record Details under a new tab when creating a reference record.	No
Reference Open In Tab (uc.reference.open_in_tab.default)	Specification (Yes or No) for whether or not to display the record Details under a new tab when viewing a reference field.	No
Remote File Monitor Task Exclude Protocols (uc.task.ftp_file_monitor.exclude_protocols)	Specification for which protocols will be excluded from the Server Type field in the Remote File Monitor Task Details: FTP SFTP FTPS FTPES You can select multiple, but not all, protocols. Also, you cannot exclude a protocol if it is specified in the Server Type field for any exisitng Remote File Monitor Task or Task Instance.
Report Average Color (uc.report.average_color.default)	Specification of the default hexadecimal color of the average line when using the Show Average option on Bar Chart/Horizontal and Bar Chart/Vertical reports.	#000000
Report Group Threshold (uc.report.group_threshold.default)	If the Group Threshold field on the Report is - - System Default - -; Maximum number of groups to display on a Chart report. All groups above the threshold will be displayed in one group named Other. Note This option formerly was named System Default Report Group Threshold.	10
Report Threshold Color (uc.report.threshold_color.default)	Specification of the default hexadecimal color of the threshold line when using the Show Threshold option on Bar Chart/Horizontal and Bar Chart/Vertical reports.	#000000
Resolvable Credentials Permitted (uc.credentials.resolvable.permitted)	Specification (true or false) for whether or not the use of Resolvable Credentials is enabled.	false
Retain Overridden Step Codes On z/OS Task Re-run (uc.task_instance.rerun.zos.retain_step_codes)	Specification (true or false) for whether or not a changed return code of a previously executed step in a z/OS task is retained when the task is re-run.	false
Retrieve Output Default Number Of Lines (uc.retrieve_output.maximum_lines)	Specifies the default value for the Number of Lines field on the Retrieve Output dialog. Additionally, if the Number of Lines field is blank, it specifies the limit for the number of lines retrieved when Automatic Output Retrieval is enabled on a task.	100
Retrieve Output Maximum Lines (uc.retrieve_output.maximum_lines.limit)	Specifies the maximum number of lines that can be requested when retrieving output.	(none)
SAP Credential Type Required (uc.task.sap.credential_type.required)	Specification (true or false) for whether or not an SAP task will only accept SAP Credentials (as opposed to other Credential Types).	false
SAP Task ABAP Program Name Fetch Limit (uc.task.sap.abap_program.fetch_limit)	Specifies the maximum number of results (10-5000) that can be retrieved from the SAP system for ABAP Program Name dynamic choice select item.	500
SAP User Name Restricted (uc.task.sap.username.restricted)	Specification (true or false) for whether or not the SAP User Name for an SAP Job Step can only be specified by SAP User Credentials.	false
Scheduled Report 3D Pie Chart (uc.report.scheduled.3d_pie_chart.default)	Specification (Yes or No) for whether Pie Chart reports are rendered in 2D (No) or 3D (Yes).	No
Scheduled Report Fetch Limit (uc.report.scheduled.fetch_limit)	Maximum number of records to fetch for inclusion in a List report (minimum is 1; no maximum). The report will indicate if the specified maximum has been reached.	1,000
Scheduled Report Image Height (uc.report.scheduled.image_height.default)	Specification for the height (in pixels) of PNG chart report images.	500
Scheduled Report Image Width (uc.report.scheduled.image_width.default)	Specification for the height (in pixels) of PNG chart report images.	750
Scheduled Report Inline Image (uc.report.scheduled.inline_image.default)	Specification (Yes or No) for whether to inline chart report images within the email (Yes) or include them as attachments (No). If any other attachments, such as standard error and standard output, are included, this property does not apply; the chart report image will be delivered as an attachment.	Yes
Scheduled Report PDF Orientation (uc.report.scheduled.pdf.orientation.default)	Specification (Landscape or Portrait) for the page layout of the PDF.	Landscape
Scheduled Report PDF Size (uc.report.scheduled.pdf.size.default)	Specification (Letter, Legal, or A4) for the page size of the PDF.	Letter
Scheduled Report Time Zone (uc.report.scheduled.tz.default)	Specification for whether to obtain the time zone from the Server (Server) or from the User record of the Execution User (User). This property applies to all report types (List, Bar Chart/Horizontal, Bar Chart/Vertical, and Pie Chart).	Server
Script Resolve Variables Default (uc.script.variables.resolve.default)	Specification (true or false) for whether or not the Resolve UAC Variables option in scripts is enabled by default.	false
Script Upload Accept List (uc.script.upload.accept_list)	Specification for a list of allowed extensions and/or mime types. An administrator can add/remove extensions or mime types to/from the list or clear the list completely to remove restrictions altogether.	.bat, .cmd, .js, .ps1, .py, .uapy, .vbs, .wsf, .sh, .usp, .udm, .yml, application/xml, application/json, text/html, text/plain
Script Upload Maximum Size (uc.script.upload.maximum_size)	Specification for the maximum size (in bytes) of an uploaded /wiki/spaces/UC78/pages/1086477167 (minimum = 0, maximum = 2147483647)	1048576
Show Last Login (uc.login.show_last_login)	Specification (true or false) for whether or not the last login time is shown in the console when logging into the user interface. For more information and examples, see Show Last Login.	true
Show Metadata (uc.form.show_metadata.default)	Specification (Yes or No) for whether or not the Metadata section displays automatically in the the Details of all Controller records. You can override this system default configuration by customizing the Show Metadata user preference.	No
Show Variables Fetch Global Automatically (uc.show_variables.fetch_global.default)	Specification (Yes or No) for whether or not to fetch and display Global Variables automatically for the Show Variables action. If No, the visibility of Global Variables in Show Variables can still be toggled, on demand, by the Show Global and Hide Global buttons. You can override this system default configuration by customizing the Show Variables Fetch Global Automatically user preference.	No
SMTP Debug (uc.smtp.debug)	Specification (true or false) for whether or not additional debug information about any Email Connection issues (for example, Email Connection Test fails or errors while sending emails) will be included in the log.	false
SQL/Stored Procedure Close Additional Results Sets (uc.sql_handler.close_additional_result_sets)	Specification (true or false) for whether or not to close any additional Result Sets if multiple Result Sets have been returned by SQL or Stored Procedure tasks. Note You should not change this property to false unless there is a backwards compatibility issue.	true
SQL/Stored Procedure Ignore Update Count If No Results (uc.sql_handler.update_count.ignore_if_no_results)	Specification (true or false) for whether or not to create a SQL Results record for rows affected when no results (result sets or update counts) are returned by SQL or Stored Procedure tasks.	false
SQL/Stored Procedure Maximum Rows (uc.sql_handler.maximum_rows)	Specifies the maximum number of rows that can be returned from an SQL task or Stored Procedure task.	(none)
Start Server Paused (uc.startup.paused)	Specification (true or false) for whether or not a Universal Controller cluster node should become paused when starting up. Note This property is applicable only for a Universal Controller cluster node that is starting up. Any cluster node that has already started will not be impacted. Once a cluster node is in paused mode, it will remain in paused mode until running the Resume Cluster Node server operation for that specific cluster node.	false
Stop Unknown Application Monitors (uc.application.stop_unknown_monitors)	Specification (true or false) for whether or not to stop any application monitors currently running on an Agent if the Controller is no longer managing those monitors (Windows and Linux/Unix only).	false
Strict Dashboard Create Constraints (uc.dashboard.create_constraints.strict)	Specification (true or false) for whether or not to restrict dashboard creation only to users with the ops_admin, ops_report_admin, ops_dashboard_group, or ops_dashboard_global role.	false
Strict Report Create Constraints (uc.report.create_constraints.strict)	Specification (true or false) for whether or not to restrict report creation only to users with the ops_admin, ops_report_admin, ops_report_group, or ops_report_global role.	false
System Default Activity Quick Filters (uc.activity.quick_filters.default)	Task instance status types to include in the Active, Blocked, Completed, and Problem Quick Filters. You can add statuses to or delete statuses from any of these Quick Filter. You also can delete any of these Quick Filters and create you own Quick Filters.	Active=!180,!190,!200; Blocked=10,20,23,30,33,60; Completed=180,190,200; Problem=35,81,99,110,120,125,130,140
System Default CLI Bulk Import Path (uc.bulk_import.path.default)	Pathname from where imported XML files are written.	`<tomcat-home>/uc_import` or `<tomcat-home>\uc_import` (`<tomcat-home>` is the base tomcat installation directory.)
System Default Command Line Access (uc.user.command_line.default)	Specification (Yes or No) for all users whose Command Line access field in their User Details is set to -- System Default --, for whether or not to control a user's ability to access the Controller through the Command Line Interface (CLI).	Yes
System Default Confirm Launch Command (uc.user.confirm.launch.default)	Specification (Yes or No) for whether or not a user is prompted with a Confirmation dialog when issuing the Launch command. Note If a task is launched that has been modified but not saved, a Confirmation dialog displays even if the System Default Confirm Launch Command is set to No.	Yes
System Default Confirm Task Instance Commands (uc.user.confirm.task_instance.commands.default)	Specification (Yes or No) for whether or not to enable command confirmations when issuing commands against task instances.	No
System Default Maximum Versions (uc.version.maximum.default)	Maximum number of version records (1 to 255) to maintain per definition.	100
System Default Trigger Simulate Forecast (uc.trigger.simulation)	Specification (true or false) for whether or not to simulate the launching of tasks when triggers are eligible to fire. If simulation is enabled, only the scheduled launch of the task by the trigger is inhibited. All other aspects of the trigger execution, including generation of forecast data, are enabled. You can still force a trigger by using the Trigger Now command or launch a task by using the Launch command.	false
System Default Update Virtual Resource Limit On Promotion (uc.promotion.virtual_resource.update_limit.default)	Specification (Yes or No) for whether or not virtual resource limits are updated as part of a promotion.	Yes
System Default Wait/Delay Workflow Only (uc.timewait.workflow.only.default)	Specification (Yes or No) for whether or not to apply Wait/Delay Options to a task only if it runs within a workflow.	Yes
System Default Web Browser Access (uc.user.browser.default)	Specification (Yes or No), for all users whose Web Browser access field in their User Details is set to -- System Default --, for whether or not to control a user's ability to access the Controller through the user interface.	Yes
System Default Web Service Access (uc.user.web_service.default)	Specification (Yes or No), for all users whose Web Service access field in their User Details is set to -- System Default --, for whether or not to control a user's ability to access the Controller through the RESTful Web Services API.	Yes
System Details Database Information Restricted (uc.widget.system_details.db_info_restricted)	Specification (true or false) for whether or not the following database information on the System Details widget is visible only to users assigned the ops_admin role or ops_server_operation_admin role: Database Type Database Name Database URL Database Connections These restrictions apply no matter where the System Details widget is accessed from: Home Dashboard Custom Dashboard Widget List Preview System Identifier on User Task Bar System Clock on User Task Bar
System Details Expanded Categories (uc.widget.system_details.expanded.default)	Specification for which System Details widget categories to expand by default: Cluster Node Release Memory License Database	Cluster Node
System Identifier (uc.system_identifier)	User-selected name displayed in the System Identifier field on the User Task Bar.	(none)
System Identifier Background Color (uc.system_identifier.background_color)	Background color for the System Identifier field on the User Task Bar.	black
System Identifier Color (uc.system_identifier.color)	Text color for the System Identifier field on the User Task Bar.	white
Task Automatic Output Retrieval Default (uc.task.output_return_type.default)	Default Automatic Output Retrieval field value for Windows and Linux/Unix tasks and for Universal Templates.	None
Task Field Resolution Required (uc.task.field.resolution.required)	Specification (true or false) for whether or not a task instance transitions to Start Failure if qualifying fields - such as Command, Script, Parameters (including z/OS Parameters), and Environment Variables - remain unresolved at runtime.	false
Task Instance Normalize Business Service Membership (uc.task_instance.normalize_bsrvc)	Indicates if the Universal Controller is normalizing Business Service membership for Task Instance and History records: Disabled Business Service normalization is not enabled. Enabled/Normalizing Business Service normalization is enabled. New Task Instance and History records are being normalized; however, existing Task Instance and History record normalization has not completed. Enabled/Normalized Business Service normalization is enabled. New Task Instance and History records are being normalized, and normalization of existing Task Instance and History records has completed. Note This property is read-only. It can be updated only by running the Enable Task Instance Business Service Normalization and Disable Task Instance Business Service Normalization server operations.	Disabled
Task Launch Reason Required (uc.task.launch_reason.required)	Specification (true or false) for whether or not a new field, launch reason, will be added to the manual launch command of a task or trigger and these details will be added to the Notes section of the task instance details.	false
Task Output Path Functions Permitted (uc.task.output_path.functions.permitted)	Specification (true or false) for whether or not Output Path tokens generated by Task Instance Output Path and Sibling Task Instance Output Path functions are permitted.	true
Task Retry Maximum (uc.task.retry_maximum)	Specification for whether or not to enforce a maximum number of task instance retries. Valid values: blank: No limit on Maximum Retries; Retry Indefinitely is permitted. >=1: Limit on Maximum Retries; Retry Indefinitely is not permitted. Note If any current tasks are in violation of the selected >=1 Task Retry Maximum, an error message will occur. To see which tasks have a Maximum Retries value specified, or have Retry Indefinitely selected, run a Report on all tasks or display the Maximum Retries and Retry Indefinitely columns on the All Tasks list.	blank
Task Simulation Permitted (uc.task.simulation.permitted)	Specification (true or false) for whether or not the simulation feature is enabled. When disabled: Simulation service no longer available from Services menu. Auto open for Simulation tab ignored. Simulate option no longer available from Task, Task Instance and Trigger forms. Simulate option no longer available from Launch with Variables… and Trigger Now… commands.	true
Task Time Zone Preference (uc.task.time_zone_preference.default)	Specification (Server or Inherited) for whether the time zone for a task is evaluated on the time zone of the server or the time zone of the Parent Workflow or Trigger / Launch specification.	Server
Task Variable Path Function Permitted (uc.task.variable_path.function.permitted)	Specification (true or false) for whether or not task variable path function is permitted.	true
Task Wait For Output Timeout In Seconds (uc.task.wait_for_output.timeout_in_seconds)	If Wait For Output is enabled for a task where automatic output retrieval is selected (potentially, to be used by a successor task); Length of time (in seconds) that the task will wait (that is, remain Running) until the output is returned by the Agent so that the successor task does not run before the output is available.	60
Time Trigger Minimum Frequency In Seconds (uc.trigger.time.minimum_frequency_in_seconds)	Minimum frequency - in seconds - of the Time Interval for a Time Trigger.	5
Track Counts For Unlimited Execution Limit (uc.execution_limit.unlimited.counts)	Specification (true or false) for enabling the tracking of task instances running concurrently if the Task Execution Limit field for an Agent or Agent Cluster is set to Unlimited. The following restrictions apply to this property: If you change this property, all UI behavior based on this property will require logging out/logging in to take effect. You cannot change this property from false to true while there are one or more task instances running against an Agent and/or Agent Cluster. If you change this property from false to true, all Agents and Agent Clusters will begin tracking task counts. If you change this property true to false, all Agents and Agent Clusters that are not Limited will have their Current Count column set to 0. If this property is false, and an Agent or Agent Cluster is Unlimited, the Current Count column will display as blank in the list and will be hidden in the Agent / Agent Cluster Details. If this property is true, and an Agent or Agent Cluster is Unlimited, the Current Count column will display the current count and the current count will be visible in the Agent / Agent Cluster Details. If this property is false, and you change an Agent / Agent Cluster from Limited to Unlimited, the current count will be reset back to 0. If this property is true or false, and you change an Agent / Agent Cluster from Unlimited to Limited, the current count will be reset back to 0. Note For optimal performance, we recommend that you leave this property set to false.	false
Trigger Task Launch Skip Condition Default (uc.trigger.skip_condition.default)	Default value of the Task Launch Skip Condition field for all trigger types: None Active Active By Trigger	None
Universal Event Extension Publish Audit (uc.universal_event.publish.extension.audit)	Specification (true or false) for whether or not an audit record is generated for each Universal Event published through an Extension-based Universal Task Instance. Note Enabling this property can cause a large amount of audit to be generated.	false
Universal Event Web Service Publish Audit (uc.universal_event.publish.web_service.audit)	Specification (True or false) for whether or not an audit record is generated for each Universal Event published through the Web Service API. Note Enabling this property can cause a large amount of audit to be generated.	false
Universal Task Interact with Desktop Permitted (uc.task.universal.interact_with_desktop.permitted)	Specification (true or false) for whether or not to permit utilizing Interact with Desktop option for Universal Task.	false
Universal Template Extension Maximum Bytes (uc.universal_template.extension.maximum_bytes)	Maximum number of bytes (6000000 - 1000000000) for a Universal Template Extension Archive. If you are deploying large extensions, it is important that you configure the Java heap size adequately. Things to consider. # of agents configured to accept the extension(s). # of agents configured to deploy on-registration and how many would be registering simultaneously. # of parallel, on-demand deployments, where deployment happens the first time the extension needs to execute on a specific agent.	6000000
URL Action Parameter Enabled (uc.url.action_parameter.enabled)	Specification (true or false) for whether or not to enable the URL Action parameter, which lets you automatically perform an action in the user interface.	true
Use Checksum Validation (uc.use.checksums)	Specification (true or false) for whether or not to implement checksum validation in order to prevent tampering of Controller data outside of the Controller system.	false
Use Dashboard Visibility Icons (uc.dashboard.use_visibility_icons.default)	Specification (Yes or No) of the system default for the Use Dashboard Visibility Icons user preference.	Yes
User Defined Task Field 1 Label (uc.task.custom_field1.label)	Label for this user-defined field that will display in the General Information section of the Details for all existing and new tasks and task instances.	(none)
User Defined Task Field 1 Required (uc.task.custom_field1.required)	Specification (true or false) for whether or not User Defined Task Field 1 is required.	false
User Defined Task Field 2 Label (uc.task.custom_field2.label)	Label for this user-defined field that will display in the General Information section of the Details for all existing and new tasks and task instances.	(none)
User Defined Task Field 2 Required (uc.task.custom_field2.required)	Specification (true or false) for whether or not User Defined Task Field 2 is required.	false
User Defined Trigger Field 1 Label (uc.trigger.custom_field1.label)	Label for this user-defined field that will display in the General Information section of the Details for all existing and new triggers.	(none)
User Defined Trigger Field 1 Required (uc.trigger.custom_field1.required)	Specification (true or false) for whether or not User Defined Trigger Field 1 is required.	false
User Defined Trigger Field 2 Label (uc.trigger.custom_field2.label)	Label for this user-defined field that will display in the General Information section of the Details for all existing and new triggers.	(none)
User Defined Trigger Field 2 Required (uc.trigger.custom_field2.required)	Specification (true or false) for whether or not User Defined Trigger Field 2 is required.	false
User Interface Desnity (uc.user_interface.density.default)	Default density setting (font and control size offset) for the user interface: Dense (-2) Compact (-1) Standard ( 0) Expanded (+1) Spacious (+2) When the User Interface Density user preference is -- System Default --, this property specifies the density to be used.	Standard
User Interface Theme (uc.user_interface.theme.default)	Default display theme to use for the user interface: Light Dark When the User Interface Theme user preference is -- System Default --, this property specifies the theme to be used.	Light
Virtual Page Fetch Limit (uc.virtual_page.fetch_limit)	Virtual page size to be used when scrolling in a list.	100
Virtual Page Pick List Fetch Limit (uc.virtual_page.pick_list.fetch_limit)	Virtual page size to be used when scrolling the options in a drop-down list that are bound by another data source (for example, the Task To Monitor drop-down list options in the Task Monitor Task Details).	100
Wait For Running Extensions To Complete Before New Deployment (uc.extension.deployment.wait_for_running_tasks)	Specification (true or false) for whether or not an extension deployment to an Agent will wait for any currently running Task Instances of that Template on that same Agent.	true
Web Service Application Concurrent Request Limit (uc.web_service.application.concurrent_request.limit)	Controls the number of concurrent requests for the application (that is, the Universal Controller server). The application-level concurrent request limit cannot be less than 1 or less than the user-level concurrent request limit (if specified).	(none; that is, no limit)
Web Service Basic Auth Permitted (uc.web_service.basic_auth.permitted)	Specification (true or false) for whether or not Basic Authentication is permitted for the controller Web service APIs.	true
Web Service Credentials Permitted (uc.credentials.web_service.permitted)	Allows enabling/disabling the use of Web Service credentials. If false: Creation of new Web Service credentials will be prohibited. All Web Service Task Instances using authentication will transition into the Start Failure status. If false on a target Controller to which you are promoting, the promotion will fail.	true
Web Service Default Response Content (uc.web_service.response.content.default)	Default type of content, XML or JSON, for web service responses.	XML
Web Service Memory Utilization Threshold (uc.web_service.memory.utilization.threshold)	Percentage of allocated memory in use that defines a threshold for prohibiting access to the RESTful Web Service API. The threshold must be a whole number (integer) and cannot be less than 1 or more than 99.	(none; that is, no threshold))
Web Service Personal Access Token Auth Headers (uc.web_service.personal_access_token_auth.headers)	Specifies a comma-delimited list of alternative authorization headers where a Personal Access Token can be specified for Web Service authentication. See Web Service authentication examples.	(none)
Web Service Personal Access Token Auth Permitted (uc.web_service.personal_access_token_auth.permitted)	Specification (true or false) for whether or not Personal Access Token Authentication is permitted for the controller Web Service APIs.	true
Web Service Personal Access Token Maximum Expiration In Days (uc.web_service.personal_access_token.maximum_expiration_in_days)	Controls the maximum expiration day for a web service personal access token. If specified, expiration for any newly generated Personal Access Token must be within the maximum.	(none; that is, no limit)
Web Service Task Insecure Permitted (HTTP) (uc.task.web_service.http.insecure.permitted)	Specification (true or false) for whether or not an Insecure field is added to Web Service tasks. which can allow the Web Service task to proceed with a TLS/SSL connection that is considered insecure. Note This property cannot be set to false if there are existing Web Service tasks with Insecure enabled.	false
Web Service Task Output MIME Type Exclusion List (HTTP) (uc.task.web_service.output.mime_type.exclusion_list)	List of content-types, such as binary, that are discarded to avoid being stored as Web Service Task output, which are not supported and can lead to task instance run failure.	image/,audio/,video/*,application/pdf
Web Service Task Resolvable Credentials Functions Permitted (uc.task.web_service.credentials.resolvable.functions.permitted)	Specification (true or false) for whether or not to permit Resolvable Credential functions support in Web Service tasks. Note In order to enable Resolvable Credential functions support for Web Service Task, this property and the Resolvable Credentials Permitted system property must set to true.	false
Web Service Task System Proxy Property Inheritance (HTTP) (uc.task.web_service.http.proxy_property_inheritance)	Specification (true or false) for whether or not to use the Java proxy system properties for HTTP Web Service tasks.	false
Web Service Task Timeout (uc.task.web_service.timeout)	Number of seconds to wait for the request to complete, if a Timeout value is not specified for a Web Service task.	60
Web Service Task URL Whitelist Regular Expression (uc.task.web_service.url.whitelist)	Regular Expression that specifies the URLs supported by the Web Service task. (The default value specifies that all URLs are supported.) If you have a specific regex that you want to be case-insensitive, pre-pend the following option to the regex: (?i)"."(?i)	^https?://.+$
Web Service User Concurrent Request Limit (uc.web_service.user.concurrent_request.limit)	Controls the number of concurrent requests per unique user ID. The user-level concurrent request limit cannot be less than 1 or greater than the application-level concurrent request limit (if specified).	(none; that is, no limit)
Windows/Linux Scripts Permitted (uc.script.distributed.permitted)	Specification (true or false) for whether to enable (true) or disable (false) the use of the Script type. Note You can set Windows/Linux Scripts Permitted to false only if currently there are no Script types defined in the database.	true
Windows Task Interact with Desktop Permitted (uc.task.windows.interact_with_desktop.permitted)	Specification (true or false) for whether or not to permit utilizing Interact with Desktop option for Windows Task.	false
Workflow Monitor Task Description Enabled (uc.workflow.monitor.task.description.enabled)	Specification (true or false) for whether to enable (true) or disable (false) the display of a Task Description field in the Task Instance Details for a task instance in a Workflow Monitor.	true
Workflow Search Result Limit (uc.workflow.search_result_limit)	Results limit when querying for task records from the Task Find or Open Workflow pop-up.	200
z/OS Task Increment Number Of Override Instances On Force Finish (uc.task.zos.override_run_count.increment_on_force_finish)	Specifies (true or false) if the Number Of Override Instances should be incremented when a z/OS task instance is force finished, like it does when completed successfully. Once incremented, if the Number Of Override Instances is greater than or equal to the z/OS task instance Override Instance Count for Deletion, the controller will automatically request the agent delete the override JCL.	true

Overriding Universal Controller System Properties

You can override any Universal Controller system property by adding it to the Universal Controller Start-up Properties (uc.properties) file and restarting the Controller.

Any Universal Controller system property added to uc.properties must be in the same format as the uc.properties properties: <Property Name>=<value>. For example: uc.startup.paused=true

When the restarted Controller reads the uc.properties file, it updates the database with the value of any Universal Controller system property included in the file. It then removes that property from the file.

Deprecated System Properties

The following system properties have been deprecated and hidden in Universal Controller. However, if you have upgraded Universal Controller from a release earlier than 7.1.0.0, you may still see them in your System Properties list.

Name (Property Name)	Description	Default	Release Deprecated
Promotion Accept Bundle Create/Update Permission Required (opswise.promotion.accept_bundle.create_update_permission.required)	Specification (true or false) for whether or not the ops_promotion_admin role additionally requires Create (or Update) permission, on the target Universal Controller, for any record type being promoted. Any user without the ops_promotion_admin role always will require Create (or Update) permission, regardless of this property.	true	6.9.0.0
Promotion Read Permission Required (opswise.promotion.read_permission.required)	Specification (true or false) for whether or not the ops_promotion_admin role additionally requires Read permission, on the source Universal Controller, for any record type being promoted. Any user without the ops_promotion_admin role always will require Read permission, regardless of this property. Note If false, any user with the ops_promotion_admin role automatically is granted Read permission for any record that can be promoted.	true	6.9.0.0
Promotion Strict Mode (uc.promotion.strict_mode)	Specification for whether or not to fail a promotion if a record being promoted matches both of the following target records conditions simultaneously: Record with same name / different sysid Record with different name / same sysid If the record being promoted matches a target record by only one of the above conditions, the Controller will allow the promotion to continue. Depending on which condition you match, you will see the following result. If the record being promoted matches a target record with same name / different sysid, the id mismatch will be logged in this format: `Promoted {type} with name "name" and id 3c7a1b3c422049cab796e98fb5420ff3 has a different id than the original "name" with id 7b91616ff0dc431b9ae011f6e795806e.` If the record being promoted matches a target record with different name / same sysid, it is considered a name update and the name mismatch will not be logged. Valid values are 0 (allow) and 1 (fail).	1	7.4.0.0
Strict Business Service Membership Read Constraints (opswise.read_constraints.bsrvc_membership.strict)	Specification (true or false) for whether the Controller will enforce explicit Read permission for the following record types: Agent Agent Cluster Calendar Credential Database Connection Email Connection Email Template OMS Server PeopleSoft Connection SAP Connection SNMP Manager Trigger Forecasts Virtual Resource If the property is false, users have implicit Read permission for these record types. If the property is true, users can view these record types only if they are granted Read permission explicitly via an appropriate role or permission. Note For those record types, above, that have a corresponding permission type, when you create a permission, the Read operation checkbox automatically will be checked if the property is false.	true	6.9.0.0
Strict Connection Execute Constraints (opswise.connection.execute_constraints.strict)	Specification (true or false) for whether Universal Controller will enforce Execute constraints for connections (Database Connections, Email Connections, SAP Connections, and SNMP Managers) during task instance execution. If Strict Connection Execute Constraints is false, only Read constraints for connections are enforced based on the configuration of the Strict Business Service Membership Read Constraints Universal Controller system property. If Strict Connection Execute Constraints is true, the Execution User for any task instance executing with a connection must have Execute permission for that connection; otherwise, the task instance will transition into a Start Failure status.	true	6.9.0.0
Variable Security Enabled (opswise.security.variable.enabled)	Specification (true or false) for enabling enhanced Global Variable security.	true	6.9.0.0
Virtual Resource Security Enabled (opswise.security.virtual_resource.enabled)	Specification (true or false) for enabling enhanced Virtual Resource security.	true	6.9.0.0

Command Line Interface (CLI) Properties

A sample Command Line Interface (CLI) configuration file, cmdtools.props, is provided for your use to pass CLI Global parameters to a CLI function.

The file is created during installation of Universal Agent if the Command Line Interface (CLI) has been selected to be installed.

network.provider=
network.omsservers=
network.omsnft=
network.transports=
network.core=HUB01
security.userid=
security.password=
config.timeout=

However, you can create a configuration file with any name; it must exist in the directory from where you are issuing the functions (see Command Line Interface (CLI)).

Universal Controller 7.7.x

Properties

Analytics

Overview

Universal Controller Start-up Properties (uc.properties)

Secrets Provider Properties

AWS Secrets Manager

Azure Key Vault

CyberArk Credential Provider

CyberArk Central Credential Provider

Sample uc.properties File

Universal Controller System Properties

Overriding Universal Controller System Properties

Deprecated System Properties

Command Line Interface (CLI) Properties

Related content