2021-01-20 00:26:53 -08:00

406 lines
14 KiB
Raw Blame History

"$schema": "",
"__comment__": "This is a sample configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
"settings": {
"_cert": "",
"_mongoDb": "mongodb://",
"_mongoDbName": "meshcentral",
"_mongoDbChangeStream": true,
"_mongoDumpPath": "C:\\Program Files\\MongoDB\\Server\\4.2\\bin\\mongodump.exe",
"_WANonly": true,
"_LANonly": true,
"_sessionKey": "MyReallySecretPassword1",
"_sessionSameSite": "strict",
"_dbEncryptKey": "MyReallySecretPassword2",
"_dbRecordsEncryptKey": "MyReallySecretPassword",
"_dbRecordsDecryptKey": "MyReallySecretPassword",
"__dbExpire": "Amount of time to keep various events in the database, in seconds. Below are the default values.",
"_dbExpire": {
"events": 1728000,
"powerevents": 864000,
"statsevents": 2592000
"port": 443,
"_portBind": "",
"_aliasPort": 444,
"_redirPort": 80,
"_redirPortBind": "",
"_redirAliasPort": 80,
"_agentPort": 1234,
"_agentPortBind": "",
"_agentAliasPort": 1234,
"_agentAliasDNS": "",
"_agentPortTls": true,
"_exactPorts": true,
"_allowLoginToken": true,
"_allowFraming": true,
"_cookieIpCheck": false,
"_cookieEncoding": "hex",
"_compression": true,
"_wscompression": false,
"_agentwscompression": true,
"_agentsInRam": false,
"_webRTC": false,
"_nice404": false,
"_selfUpdate": true,
"_browserPing": 60,
"_browserPong": 60,
"_agentPing": 60,
"_agentPong": 60,
"_agentIdleTimeout": 150,
"_meshErrorLogPath": "c:\\tmp",
"_npmPath": "c:\\npm.exe",
"_npmProxy": "",
"_allowHighQualityDesktop": true,
"_desktopMultiplex": true,
"_userAllowedIP": ",",
"_userBlockedIP": ",::1,",
"_agentAllowedIP": "",
"_agentBlockedIP": ",::1",
"_authLog": "c:\\temp\\auth.log",
"_manageAllDeviceGroups": [ "user//admin" ],
"_manageCrossDomain": [ "user//admin" ],
"_localDiscovery": {
"name": "Local server name",
"info": "Information about this server"
"_tlsOffload": ",::1",
"_trustedProxy": ",::1",
"_mpsPort": 44330,
"_mpsPortBind": "",
"_mpsAliasPort": 4433,
"_mpsAliasHost": "",
"_mpsTlsOffload": true,
"_no2FactorAuth": true,
"_log": "main,web,webrequest,cert",
"_syslog": "meshcentral",
"_syslogauth": "meshcentral-auth",
"_syslogjson": "meshcentral-json",
"_webrtcConfig": {
"iceServers": [
{ "urls": "" },
{ "urls": "" }
"_autoBackup": {
"backupIntervalHours": 24,
"keepLastDaysBackup": 10,
"zipPassword": "MyReallySecretPassword3",
"_backupPath": "C:\\backups",
"_googleDrive": {
"folderName": "MeshCentral-Backups",
"maxFiles": 10
"webdav": {
"url": "https://server/remote.php/dav/files/",
"username": "user",
"password": "pass",
"folderName": "MeshCentral-Backups",
"maxFiles": 10
"_redirects": {
"meshcommander": ""
"__maxInvalidLogin": "Time in minutes, max amount of bad logins from a source IP in the time before logins are rejected.",
"_maxInvalidLogin": {
"time": 10,
"count": 10,
"coolofftime": 10
"watchDog": { "interval": 100, "timeout": 400 },
"_plugins": { "enabled": true }
"_domaindefaults": {
"__comment__": "Any settings in this section is used as default setting for all domains",
"title": "MyDefaultTitle",
"footer": "Default page footer",
"newAccounts": false
"_domains": {
"": {
"_siteStyle": 2,
"title": "MyServer",
"title2": "Servername",
"_titlePicture": "title-sample.png",
"_loginPicture": "title-sample.png",
"_userQuota": 1048576,
"_meshQuota": 248576,
"minify": true,
"_guestDeviceSharing" : false,
"_loginKey": [ "abc", "123" ],
"_newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"_userNameIsEmail": true,
"_newAccountEmailDomains": [ "" ],
"_newAccountsRights": [ "nonewgroups", "notools" ],
"_welcomeText": "Sample Text on Login Page.",
"_welcomePicture": "mainwelcome.jpg",
"___hide__": "Sum of: 1 = Hide header, 2 = Hide tab, 4 = Hide footer, 8 = Hide title, 16 = Hide left bar",
"_hide": 4,
"_footer": "<a href=''>Twitter</a>",
"_loginfooter": "This is a private server.",
"_certUrl": "",
"myServer": {
"Backup": false,
"Restore": false,
"Upgrade": false,
"ErrorLog": false,
"Console": false,
"Trace": false
"_passwordRequirements": {
"min": 8,
"max": 128,
"upper": 1,
"lower": 1,
"numeric": 1,
"nonalpha": 1,
"reset": 90,
"force2factor": true,
"skip2factor": ",",
"oldPasswordBan": 5,
"banCommonPasswords": false
"_twoFactorCookieDurationDays": 30,
"_agentInviteCodes": true,
"_agentNoProxy": true,
"_geoLocation": true,
"_novnc": false,
"_mstsc": true,
"_WebEmailsPath": "/myserver/email-templates",
"_consentMessages": {
"title": "MeshCentral",
"desktop": "{0} requesting remote desktop access. Grant access?",
"terminal": "{0} requesting remote terminal access. Grant access?",
"files": "{0} requesting remote files access. Grant access?"
"_notificationMessages": {
"title": "MeshCentral",
"desktop": "{0} started a remote desktop session.",
"terminal": "{0} started a remote terminal session.",
"files": "{0} started a remote files session."
"agentCustomization": {
"displayName": "Compagny<6E> Product<63>",
"description": "Compagny<6E> Product<63> agent for remote monitoring, management and assistance.",
"companyName": "Compagny",
"serviceName": "compagnyagent",
"fileName": "compagnyagent"
"_userAllowedIP": ",",
"_userBlockedIP": ",::1,",
"_agentAllowedIP": "",
"_agentBlockedIP": ",::1",
"_orphanAgentUser": "admin",
"___userSessionIdleTimeout__": "Number of user idle minutes before auto-disconnect",
"_userSessionIdleTimeout": 30,
"userConsentFlags": {
"desktopnotify": true,
"terminalnotify": true,
"filenotify": true,
"desktopprompt": true,
"terminalprompt": true,
"fileprompt": true,
"desktopprivacybar": true
"_urlSwitching": false,
"_desktopPrivacyBarText": "Your privacy bar message",
"_limits": {
"_maxDevices": 100,
"_maxUserAccounts": 100,
"_maxUserSessions": 100,
"_maxAgentSessions": 100,
"maxSingleUserSessions": 10
"_amtScanOptions": [
"_amtAcmActivation": {
"log": "amtactivation.log",
"certs": {
"mycertname": {
"certfiles": [ "amtacm-leafcert.crt", "amtacm-intermediate1.crt", "amtacm-intermediate2.crt", "amtacm-rootcert.crt" ],
"keyfile": "amtacm-leafcert.key"
"_amtManager": {
"adminAccounts": [{ "user": "admin", "pass": "MyP@ssw0rd" }],
"environmentDetection": [ "", "", "", "" ],
"wifiProfiles": [
"name": "Profile1",
"ssid": "MyStation1",
"authentication": "wpa2-psk",
"encryption": "ccmp-aes",
"password": "MyP@ssw0rd"
"_redirects": {
"meshcommander": ""
"_yubikey": {
"id": "0000",
"secret": "xxxxxxxxxxxxxxxxxxxxx",
"_proxy": ""
"_httpHeaders": {
"Strict-Transport-Security": "max-age=360000",
"x-frame-options": "SAMEORIGIN"
"_agentConfig": [ "webSocketMaskOverride=1", "coreDumpEnabled=1" ],
"_sessionRecording": {
"_onlySelectedDeviceGroups": true,
"_filepath": "C:\\temp",
"_index": true,
"_maxRecordings": 10,
"_maxRecordingSizeMegabytes": 3,
"__protocols__": "Is an array: 1 = Terminal, 2 = Desktop, 5 = Files, 100 = Intel AMT WSMAN, 101 = Intel AMT Redirection",
"protocols": [ 1, 2, 101 ]
"_authStrategies": {
"__comment__": "This section is used to allow users to login using other accounts. You will need to get an API key from the services and register callback URL's",
"twitter": {
"_callbackurl": "https://server/auth-twitter-callback",
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"clientid": "xxxxxxxxxxxxxxxxxxxxxxx",
"clientsecret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
"google": {
"_callbackurl": "https://server/auth-google-callback",
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"clientid": "",
"clientsecret": "xxxxxxxxxxxxxxxxxxxxxxx"
"github": {
"_callbackurl": "https://server/auth-github-callback",
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"clientid": "xxxxxxxxxxxxxxxxxxxxxxx",
"clientsecret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
"reddit": {
"_callbackurl": "https://server/auth-reddit-callback",
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"clientid": "xxxxxxxxxxxxxxxxxxxxxxx",
"clientsecret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
"azure": {
"_callbackurl": "https://server/auth-azure-callback",
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"clientid": "00000000-0000-0000-0000-000000000000",
"clientsecret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"tenantid": "00000000-0000-0000-0000-000000000000"
"jumpcloud": {
"_callbackurl": "https://server/auth-jumpcloud-callback",
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"entityid": "meshcentral",
"idpurl": "",
"cert": "jumpcloud-saml.pem"
"saml": {
"_callbackurl": "https://server/auth-saml-callback",
"_disableRequestedAuthnContext": true,
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"_newAccountsRights": [ "nonewgroups", "notools" ],
"entityid": "meshcentral",
"idpurl": "https://server/saml2",
"cert": "saml.pem"
"_customer1": {
"_dns": "",
"_title": "Customer1",
"_title2": "TestServer",
"_newAccounts": 1,
"_auth": "sspi",
"__auth": "ldap",
"_LDAPUserName": "gecos",
"_LDAPUserKey": "uid",
"_LDAPUserEmail": "otherMail",
"_LDAPPptions": {
"url": "test",
"anne": {
"gecos": "Anne O'Nyme",
"displayName": "O Nyme anne",
"uid": "anneonyme",
"mail": "",
"email": "",
"otherMail": [ "", "" ]
"so": {
"displayName": "Sticker Sophie",
"gecos": "Sophie Sticker",
"uid": "ssticker",
"mail": "",
"email": "",
"otherMail": [ "", "" ]
"__LDAPOptions": {
"URL": "ldap://",
"BindDN": "CN=svc_meshcentral,CN=Users,DC=meshcentral,DC=local",
"BindCredentials": "Password.1",
"SearchBase": "DC=meshcentral,DC=local",
"SearchFilter": "(sAMAccountName={{username}})"
"_footer": "Test",
"_certUrl": ""
"_info": {
"_share": "C:\\ExtraWebSite"
"_letsencrypt": {
"__comment__": "Requires NodeJS 8.x or better, Go to first before trying Let's Encrypt.",
"email": "",
"names": ",",
"production": false
"_peers": {
"serverId": "server1",
"servers": {
"server1": { "url": "wss://" },
"server2": { "url": "wss://" }
"_smtp": {
"host": "",
"port": 25,
"from": "",
"__tls__": "When 'tls' is set to true, TLS is used immidiatly when connecting. For SMTP servers that use TLSSTART, set this to 'false' and TLS will still be used.",
"tls": false,
"___tlscertcheck__": "When set to false, the TLS certificate of the SMTP server is not checked.",
"_tlscertcheck": false,
"__tlsstrict__": "When set to true, TLS cypher setup is more limited, SSLv2 and SSLv3 are not allowed.",
"_tlsstrict": true
"_sendgrid": {
"from": "",
"apikey": "***********"
"_sms": {
"provider": "twilio",
"sid": "ACxxxxxxxxx",
"auth": "xxxxxxx",
"from": "+1-555-555-5555"
"__sms": {
"provider": "plivo",
"id": "xxxxxxx",
"token": "xxxxxxx",
"from": "1-555-555-5555"