Skip to main content

KB - Overriding PK Protect Default Behavior

PK Protect supports overriding default functionality through a settings.json file in the application directory or settings in the Windows registry.

Settings.json Options

PK Protect supports a settings.json file (not present by default) to override several default application behaviors. Create the file here:

Windows:

CODE
%LOCALAPPDATA%\PKWARE\settings.json

Linux:

CODE
$SMARTCRYPT_HOME/.PKWARE/settings.json

OSX:

CODE
$HOME/.PKWARE/settings.json

useIWA

In some environments, Integrated Windows Authentication is undesirable. setting the useIWA flag to false allows PEM Administrators to force users on the Windows platform to log in manually instead of using the Windows credentials they are currently logged in with.

CODE
{"useIWA":false}

SMDS

If clients cannot reach the Internet to determine the location of your PEM Administrator, set the SMDS value to override the location the application uses for the PEM Administrator server.

CODE
{"SMDS":"https://pkwareops.mydomain.com/mds"
}

dataCenter

On PK Protect Appliance deployments, servers are organized by datacenter. You can override the default Datacenter and force the PK Protect application to use a specific datacenter as its primary:

CODE
{"dataCenter":"Chicago"
}

Multiple directives can be stored in the same settings.json file:

CODE
{"SMDS":"https://pkwareops.mydomain.com/mds",
"useIWA":false;
}

Discovery options

RetryDelay

When processing file events reported by folder watch for Discovery folders, we use default retry-delay of 1 min (60 sec) (60,000 ms). That retry-delay can adjusted by specifying number of milliseconds using the "discoveryRetryDelay" value.

CODE
{"discoveryRetryDelay":"60000"
}

Command Window behavior

The command window behavior on Discovery remediations can be controlled through the systemCommandMode setting.

systemCommandMode=0 - Hide window (default)
systemCommandMode=1 - Show window
systemCommandMode=2 - Show window and do not close it (effectively a debug mode for when developing scripts)
systemCommandMode=3 - Use built in system() function

CODE
{"systemCommandMode":"1"
}

Registry options

On Windows machines, PK Protect supports registry entries to modify its behavior in addition to the settings.json file. All registry entries are string values under the key HKEY_LOCAL_MACHINE\SOFTWARE\PKWARE\Smartcrypt

SMDS

If clients cannot reach the Internet to determine the location of your PEM Administrator, set the SMDS value to override the location the application uses for the PEM Administrator server.
Example powershell script to modify this:


POWERSHELL
$registryPath = "HKLM:\SOFTWARE\PKWARE\SmartCrypt"
$Name = "SMDS"
$value = "https://pkwareops.mydomain.com/mds"
IF(!(Test-Path $registryPath))
{
New-Item -Path $registryPath -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $name -Value $value `
-PropertyType STRING -Force | Out-Null
}
ELSE {
New-ItemProperty -Path $registryPath -Name $name -Value $value `
-PropertyType STRING -Force | Out-Null
}

UseIWA


In some environments, Integrated Windows Authentication is undesirable. setting the useIWA flag to false allows PK Protect administrators to force users on the Windows platform to log in manually instead of using the Windows credentials they are currently logged in with.

useIWA String "0" for "false", any other NUMBER for "true"


POWERSHELL
$registryPath = "HKLM:\SOFTWARE\PKWARE\SmartCrypt"
$Name = "useIWA"
$value = "0"
IF(!(Test-Path $registryPath))
{
New-Item -Path $registryPath -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $name -Value $value `
-PropertyType STRING -Force | Out-Null
}
ELSE {
New-ItemProperty -Path $registryPath -Name $name -Value $value `
-PropertyType STRING -Force | Out-Null
}



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.