Registry Settings for Credentials DB

This document describes the registry settings for Credentials DB. Configuration information can be maintained in both the user and machine registry hives. If a single setting is defined in both the user and machine hives, the user setting will override the machine setting.

KCDB

Registry path: HKCU|HKLM\Software\MIT\NetIDMgr\KCDB

Khimaira Credentials DB

IdentityProviderOrder

Type: REG_SZ

Default: Krb5Ident

Order of identity providers.

IdentSerial

Type: REG_QWORD

Default: 0

Identity Serial Number.

DefaultMonitor

Type: REG_DWORD

Default: 1

Boolean. This is the default Monitor value that is assigned for new identities.

DefaultAllowAutoRenew

Type: REG_DWORD

Default: 1

Default AllowAutoRenew value for new identities

DefaultSticky

Type: REG_DWORD

Default: 0

Default Sticky value for new identities

MaxThreshold

Type: REG_DWORD

Default: 86400

Max value for a threshold (1 day)

MinThreshold

Type: REG_DWORD

Default: 10

Min value for a threshold (0)

Identity

Registry path: HKCU|HKLM\Software\MIT\NetIDMgr\KCDB\Identity

Configuration space for identities

(Schema)

Registry path: HKCU|HKLM\Software\MIT\NetIDMgr\KCDB\Identity\_Schema

Schema for identities

Name

Type: REG_SZ

Default:

The name of the identity.

IDProvider

Type: REG_SZ

Default:

The name of the identity provider.

Sticky

Type: REG_DWORD

Default: 0

Boolean. Is this a sticky identity?

Monitor

Type: REG_DWORD

Default: 1

Boolean. Enables monitoring the identity

WarnThreshold

Type: REG_DWORD

Default: 900

In seconds

AllowWarn

Type: REG_DWORD

Default: 1

Boolean. Allow warning.

CriticalThreshold

Type: REG_DWORD

Default: 60

In seconds

AllowCritical

Type: REG_DWORD

Default: 1

Boolean. Allow critical.

AutoRenewThreshold

Type: REG_DWORD

Default: 60

In seconds

AllowAutoRenew

Type: REG_DWORD

Default: 1

Boolean.

RenewAtHalfLife

Type: REG_DWORD

Default: 1

Attempt to renew at half life intervals.

IconNormal

Type: REG_SZ

Default:

Resource path for the icon representing the identity. This path may contain unexpanded environment strings.

IconOriginal

Type: REG_SZ

Default:

Path for cached copy of original bitmap used for identity icon. This path may contain unexpanded environment strings.

IconCrop

Type: REG_SZ

Default:

Crop boundaries

IconSource

Type: REG_SZ

Default:

Original source string for the identity image

IdentSerial

Type: REG_QWORD

Default: 0

Identity serial number.