Use the Configure Advanced System Attributes page to modify certain settings in the configuration file without the need to export, edit, and import the file. (See Importing and exporting the configuration file.)
In administration console, click Settings > User Management > Configuration > Configure Advanced System Attributes.
(Optional) Change any of the following session attributes:
Session Timeout Limit (Minutes): The amount of time, in minutes, before a user is automatically logged out of the system. By default, AEM forms components such as Workbench time out after two hours, regardless of activity or inactivity, and the user must log in again. Valid values are
1440. The default value is
120 (2 hours). This setting updates the
SAML/Producer/assertionValidityInMinutes entry key in the configuration file.
You should not set Session Timeout Limit below 10 minutes as the system may not behave correctly. The recommended value is 10-120 (minutes).
Assertion Threshold (Seconds): A buffer time to offset delays due to system time differences between AEM forms application server s in a cluster. AEM forms backdates a user’s login time by the amount of time (in seconds) specified in this property. Valid values are
3600. The default value is
60. This setting updates the
SAML/Producer/assertionThresholdInSeconds entry key in the configuration file.
Maximum Allowed Renewals of an Assertion: The maximum number of times a user’s session can be transparently renewed without requiring a login. Valid values are
9999. A value of
0 means that assertions are not renewed. The default value is 10. This setting updates the
SAML/Producer/maxAssertionRenewalCount entry key in the configuration file.
(Optional) Change any of the following directory synchronization attributes:
Synch Statistics Logging: Specifies whether User Management logs detailed statistics during the synchronization process. (See Enable or disable detailed logging during synchronization.)
Synch Finisher Cron Expression: The interval at which User Management retries failed synchronizations. (See Configure the directory synchronization retry option.)
Cluster Job Lock Timeout In Minutes: Used in clustered environments. If the synchronization on one node fails and the cluster lock is not released, this value specifies the number of minutes that another node waits before forcibly acquiring the lock. The default value is
15 minutes. Valid values are
(Optional) Change the following attributes and then click OK:
User Manager Event Auditing: Select this option to enable auditing of directory synchronization events and of authentication events such as success, failure, and lockout. By default, this option is not selected unless you installed a component that requires auditing, such as Rights Management. This setting updates the
APSAuditService entry key in the configuration file.
Auto Creation of Dynamic Group: Enables the automatic creation of dynamic groups based on email domains. (See Create a dynamic group.)
You can also revert to the original User Management settings by clicking Reload.