Attributes Sub-Tabs

Under certificate main tab, there is a set of sun-tab pages for various type of attributes. These similar attributes sub-tabs are also contained in user main tab, group main tab and global main tab. Discussion on them are summarized in this section.

Certificate Validity Tab

Certificate Validity parameters includes three attributes: certbuf_certstartdate, certbuf_certexpiredate and certbuf_sessiontimeout. Their configurations are in the Certificate Validity sub-tab page, and are shown as follow.

som-subtab-cert-validity

To set certificate start/expire date, select Certificate Start Date, or Certificate Expire Date. Then choose a date from the calendar.

When SyncOffice Manager is launched, it will set the last valid day of the calendar as the same date after two years. This limits to that, a certificate can only be valid within 2 years. After two years, it's should be re-issued.

During certificate life time, each login will activate a work session for SyncOffice. In this tab page, you can select a work session should last for 1 hour, or 12 hours. Typically, 1-hour option is for temporary worker or visitor, while 12-hour option is for daily work employee.

Local Access Control Tab

Local Access Control parameters include two attributes: certbuf_accesscontrol and certbuf_acvalidtime. Their configurations are in the Local Access Control sub-tab page, and are shown as follow.

som-subtab-lac

certbuf_accesscontrol is a bitmap attribute data contains several logic switch options. For the time being, the enabled options are as follows:

  • Use Time Of Day Constraint
  • Use Asymmetric Style Key
  • Allow Runtime Config

You can set the valid time period for a generated AccessCode in this tab page. There are three options: valid for current hour, current day, or current month.

IP Allow List Tab

In IP Allow List Tab, you can set allowed network IP address where the SyncOS/SyncOffice can work. The IP Allow List sub-tab is shown as follow.

som-subtab-IP

If all IP are set as "0.0.0.0", no IP restriction is applied. Any working IP is allowed.

If one or more LAN IP is set as a valid non "0.0.0.0" IP, RAS (SyncOffice Authenticator) will check if the authorization request was sent from an allowed LAN IP. If not, authorization fails.

If one or more WAN IP is set as a valid non "0.0.0.0" IP, RAS or RSS will check if the authorization request was sent from an allowed WAN IP. If not, authorization fails.

In this sub-tab, once you changed IP address data, you need to press "Set Data To Cache" button to save changed value into certificate cache.

Time Of Day Control Tab

Time Of Day Control Tab defines the certificate work time periods in hours within a span of one week. Each day can have two periods, and each period has a consecutive several hours.

som-subtab-tod

In this sub-tab, once you changed work period time data, you need to press "Set Data To Cache" button to save changed value into certificate cache.

Remote Auth Attribute Tab

Remote Auth Attribute Tab defines various remote control used definitions. These definitions will be uploaded to RAS/RSS for remote authorization.

som-subtab-remote

The left GroupBox shows the related user template's values, their text font style is in Italic. They are read only, just are shown there as a reference when you set the certificate value.

Document Key Tab

Document Key Tab is used to define the certificate's default and write privilege group, as well as one or more open privilege groups.

som-subtab-dockey

The document key values are in two levels: global level and group level. All key values are not defined here. Rather, they are defined in group management main tab and global management main tab.