iTop 1.

2 Administrators Guide

2010-2011 Combdo. All rights reserved

Table of content

iTop 1.2 Administrator's Guide

Table of content ...................................................................................................................... 2 About iTop .............................................................................................................................. 4 Licensing ................................................................................................................................. 4 Related documentation ........................................................................................................... 5 Installing iTop ......................................................................................................................... 5 Software requirement .......................................................................................................... 5 Hardware requirement ........................................................................................................ 6 Download the iTop package................................................................................................. 6 Install iTop .......................................................................................................................... 6 PHP and MySQL settings .................................................................................................... 12 Changing configuration options ......................................................................................... 13 Ready-only mode .......................................................................................................... 13 Migrating from version 1.0, 1.0.1, 1.0.2 or 1.1 ........................................................................ 13 Migrating from previous version 0.9 ...................................................................................... 14 iTop common usage .............................................................................................................. 14 Starting iTop ...................................................................................................................... 14 Managing users..................................................................................................................... 15 Viewing Profiles................................................................................................................. 16 Viewing users.................................................................................................................... 17 Creating a user.................................................................................................................. 18 Changing a user password ................................................................................................ 20 Managing Organizations ........................................................................................................ 20 Viewing the data model ........................................................................................................ 22 Running Object queries ......................................................................................................... 24 Enter OQL expression in the text area, and click on Evaluate to get the result. .................. 24 Managing Notification ........................................................................................................... 24 Creating an action ............................................................................................................. 25 Creating a trigger .............................................................................................................. 26 iTop Audit ............................................................................................................................. 30 Audit Categories ................................................................................................................ 30 Audit Rules........................................................................................................................ 30 iTop localization .................................................................................................................... 31 Data backup .......................................................................................................................... 31 Background tasks: cron.php .................................................................................................. 32 Scheduling cron.php on Windows ...................................................................................... 32 Scheduling cron.php on Linux/Unix ................................................................................... 32 Parameter file ................................................................................................................... 32 Integrating with other application ......................................................................................... 33 Using iTop from the command line.................................................................................... 33 How to export data out of iTop.......................................................................................... 33 Arguments ........................................................................................................................ 33 Data import and data synchronization............................................................................... 34 Using direct MySQL commands to populate the synchro_data_xxx table ............................ 35 How to specify a list of related objects (link set) .............................................................. 36 Data Source Definition ....................................................................................................... 37 Synchronized Configuration Items ..................................................................................... 37 What is the difference between CSV Import and Data Synchronization? ............................. 38 How to import data in iTop ............................................................................................... 39 Example of script for importing CSV data....................................................................... 42
2

Soap web service for incident ticket creation .................................................................... 43 Example script for creating an Incident: ........................................................................ 43 Soap web service for user request ticket creation ............................................................. 44 Appendix A Configuration parameters ................................................................................. 45 References ............................................................................................................................ 48

iTop 1.2 Administrator's Guide

About iTop

iTop 1.2 Administrator's Guide

This document describes release 1.2 of iTop. iTop is a robust Open Source web 2.0 application that will help you to better support your IT. Development of iTop started in March 2006 in order to publish on the internet a completely open solution that would help enterprise to drive ITIL best practices implementation. The goal of the iTop community is to provide an alternative solution to expensive ITIL solutions sold by proprietary software vendors. At the early beginning of the project, the development team was focus on building the most complete CMDB (Configuration Management Data Base). One key objective was to make it as flexible as flexible in order to allow administrator to add and remove configuration items from the data model and manage as many relationships as they want. The development team also designed a powerful state machine that allows defining life cycle for whatever configuration items in the CMDB. Realizing that all concepts developed within the CMDB can be applied to all other ITIL best practices, the iTop community decided to extend them to Incident Management, Change Management and Service Management modules. Then iTop became an IT operational portal that helps all IT management team to support their environment by: Documenting IT infrastructures and their relationships (servers, application, network) Documenting IT incident and planned outages, as well as a known error database Documenting all IT services and contracts with external providers iTop can be used by different type of profiles: Help Desk st nd rd IT support engineers (1 level, 2 level, 3 level ) IT service managers IT managers iTop is relying on Apache/IIS, MySQL and PHP, so it can run on whatever operating system supporting those applications. It had been tested already on Windows, Linux Debian and Redhat (It also runs on Solaris and MacOS X). iTop is a web based application therefore you dont need to deploy client software on each users PC. A simple web browser is enough (IE 8+, FF 3.5+, Chrome or Safari 5+).

Licensing
iTop is licensed under the terms of the GNU General Public License Version 3 as published by the Free Software Foundation. This gives you legal permission to copy, distribute and/or modify iTop under certain conditions. Read the license.txt file in the iTop distribution. iTop is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.

Related documentation
How to Setup LDAP Authentication with iTop iTop Implementation Guide Localizing iTop Customizing iTop 1.0 OQL Reference iTop 1.0 user guide How to migrate from 0.9 to 1.0

iTop 1.2 Administrator's Guide

All related documents are available on http://www.combodo.com/itopdocumentation

Installing iTop
Software requirement
iTop is based on MySQL and PHP (MySQL / PHP), it requires PHP 5.2 and MySQL 5, plus off-course a web server: you can use Apache or IIS. Some old Linux configuration appeared to be very slow when running MySQL in innoDB mode. If its the case, check your MySQL server configuration (/etc/mysql/my.cnf), and try to add the following line: innodb_flush_method = O_DSYNC Optional requirements: For LDAP authentication iTop requires the PHP LDAP module. For strong encryption of passwords iTop requires PHP mcrypt module. Installing the required software on Debian: apt-get install apache2 apt-get install mysql-server apt-get install php5 Installing the required software on Redhat: yum install apache yum install mysql yum install php5

Hardware requirement
Operating System Linux Windows Resource Disk RAM Processor Disk RAM Processor 5 1 1 5 1 1

iTop 1.2 Administrator's Guide

Minimum Gb Gb GHz (single Pentium) Gb Gb GHz (single Pentium) Recommended 20 Gb 2 Gb 2 GHz + (dual-core) 20 Gb 2 Gb 2 GHz + (dual-core)

Minimum screen size should be 1024*768 pixels full screen, but the higher the better.

Download the iTop package

The latest version of iTop is currently 1.2, you can download it from SourceForge: https://sourceforge.net/projects/itop/files/itop

Install iTop
1. Make sure that you have a properly configured instance of Apache/PHP running 2. Unpack the files contained in the zipped package in a directory served by your web server. 3. Point your web browser to the URL corresponding to the directory were the files have been unpackaged and follow the indications on the screen. For instance http://myserver, or http://myserver/itop/ if you have created a dedicated alias for iTop application As a matter of fact, iTop package provides a step by step wizard to install the application. Step1 is checking all prerequisites for MySQL, PHP and all optional extension. If a prerequisite is missing a yellow bullet will inform you

Figure 1

iTop 1.2 Administrator's Guide

Step2, you have to accept the terms of the license agreement.

Figure 2 Step3, you have to enter information to access the MySQL database (server, user and password). MySQL user needs to have root privileges. The data base can be installed either on the same server or can be a remote host if you prefer to have a two tier architecture, or reuse an already installed instance of MySQL.

Figure 3

Step4, once your SQL credentials are checked you can create the database for iTop. You can either choose an existing one, or create a new one. You can also decide to prefix all iTop tables with a given name. This is useful when you want to run several instances of iTop with the same data base.

iTop 1.2 Administrator's Guide

Figure 4 Step5, you have to select the modules you want to install. The Configuration Management (CMDB) module is mandatory. If you want to use Incident Management, User Request, Problem Management and Change Management modules, you need to install as well the Service Management module and the ticket module.

iTop 1.2 Administrator's Guide

Figure 5 Step 6 lets you define administrator account for accessing the application. Dont forget user login and password, as they are required to access the application and encrypted in the database. Moreover, you can define the default language for iTop.

Figure 6

iTop 1.2 Administrator's Guide

Figure 7 Step7 let you configure the address (URL) used by iTop. You can adjust the default value if iTop will be accessed by the end-users from a different address than the one youve used for installing the application. For example you may install iTop by connecting to it locally (i.e. running the web browser directly from the server) by typing http://localhost/itop whereas the end-users will connect to iTop through a specific DNS name, e;g. http://itop.mycompany.com. If its the case, then adjust the address when prompted by the installation. Note: in case you have multiple virtual hosts pointing to iTop ; or you are using a test system running on DHCP and you want to connect anyway from another system, the address of the iTop server cannot be fixed at the installation. In this case you can use the placeholder $_SERVER_NAME_$ in the URL parameter. For example you can type: http://$_SERVER_NAME_/itop as the URL to access the application. At runtime this value will be substituted by the corresponding SERVER_NAME for the current connection. Step8 lets you decide if you want to create sample data for testing purposes. This is very useful first time you install iTop. If you select No, database will be basically empty ready for loading your production data.

Figure 8

10

Congratulation, youve successfully installed iTop!

iTop 1.2 Administrator's Guide

Figure 9

Figure 10

11

PHP and MySQL settings

iTop 1.2 Administrator's Guide

iTop is capable of uploading and storing documents (i.e files) as attachments to various objects (Tickets, CIs). These documents are stored as binary blobs in the iTop database. In order to be able to safely upload and store documents, several settings must be adjusted consistently across PHP and MySQL. In PHP, several variables govern the upload of files: file_uploads upload_tmp_dir Set to 1 to allow file upload, to zero to prevent all file uploads. The temporary location (on the server) were the uploaded files will be stored. Make sure that this parameter points to a location that is accessible (and writable) by the process running the web server (or by the end users in case of IIS with the Windows built-in authentication) and that there is enough space left. The maximum size allowed. The value is expressed in bytes. You can use units like K for kilobytes (=1024 bytes), M for megabytes and G for gigabytes. Example: 4M stands for 4 megabytes. The maximum number of files that can be uploaded simultaneously in a single web page. iTop should normally upload only one file at a time. You can safely use the default value, which is 20. The maximum amount of data that can be sent to the server via a POST request. This value MUST BE bigger than upload_max_filesize, since the same request will contain some more information (the title of the document, an operation code). So its better to put a bigger value here. For example is upload_max_filesize is 4M, then pout 5M for post_max_size. After being uploaded on the server, the file will be read in memory before being stored in the database. Therefore make sure that memory_limit (if enabled) is far bigger than upload_max_filesize. This value defines the maximum time allowed for the server to read its input. This includes the time spent uploading the files. The default of 60 seconds may be exceeded for uploading big files over slow connections.

upload_max_filesize

max_file_uploads

post_max_size

memory_limit

max_input_time

The uploaded files are stored into the MySQL database, each file in one query. Therefore the maximum size allowed for a query MUST BE BIGGER than the maximum size of the uploaded file. This is configured via the variable max_allowed_packet in the my.cnf configuration file (on the MySQL server).
12

upload_max_filesize
php.ini

<

post_max_size
php.ini

<

max_allowed_packet
my.cnf

iTop 1.2 Administrator's Guide

<

memory_limit
php.ini

Changing configuration options

The configuration parameters are stored in the file config-itop.php at the root of the iTop installation. Changing these parameters has an immediate effect on iTop, there is no need to restart the web server, just refresh the iTop web pages in your browser to take into account the new parameters. For the complete list of parameters refer to Appendix A Configuration parameters, page 45.

Ready-only mode
It is sometimes desirable (while performing some maintenance tasks for example) to make the iTop application read-only. Since version 1.0.2, two parameters can be used to control: whether or not the application is read-only (and for who), which message is displayed when the application is read-only. These 2 parameters are: access_mode and access_message. The parameter access_mode can take one of the following values: Access_mode value Actual value Effect 0 The application is read-only for all users. The ACCESS_READONLY users can browse the application but nothing will be written to the MySQL database. 2 Only administrator users can write into the ACCESS_ADMIN_WRITE database. The application is in read-only mode for all other users. 3 All users can write into the database. This is ACCESS_FULL the default mode. Example:
'access_mode' => ACCESS_ADMIN_WRITE, 'access_message' => for maintenance until 2PM,

This results in the following display in iTop:

Refer to the chapter Appendix A Configuration parameters for the full list of configuration parameters.

Migrating from version 1.0, 1.0.1, 1.0.2 or 1.1

In order to migrate q previous version of iTop to the latest version: - Backup the MySQL database and the iTop configuration file (config-itop.php) - Expand the new version of iTop in a new folder (dont overwrite the files of the previous version with the new ones) - Launch the iTop setup and select Upgrade an existing iTop instance in the fisr screen of the setup.
13

Enter the name of the myql server and the iTop database as in the previous configuration. Dont forget the database prefix as well. In doubt, refer to the previous config-itop.php file. - Select the iTop modules to enable (by default all the previously enabled modules are reenabled) - Launch the upgrade. When done, you can archive the folder containing the previous version of iTop and point you main site to the newly upgraded copy.

iTop 1.2 Administrator's Guide

Migrating from previous version 0.9

The release 1.0 data model is not compatible with former one. Please read the document How to migrate from 0.9 to 1.0 in order to upgrade from this old version.

iTop common usage

Starting iTop
To use iTop, you just need a simple web browser and enter the following URL: http://yourserver or http://yourserver/<itop_alias> if you have created a particular web alias for the application. When prompted, to enter your login and password.

Figure 9 Once authenticated, the user accesses the main iTop page. The first time you connect you can see the Welcome to iTop popup screen. This popup can be removed for the next time by unchecking Display this message at startup

14

iTop 1.2 Administrator's Guide

Figure 10 The main screen of iTop is the following:

Figure 11 This main page is divided in three parts: The menu on the left (also called explorer menu) contains links to access items from each module (CMDB, Incidents, Changes, Services and contracts) The main frame, on the right, displays list of items from selected module, or the details of a given item. The top frame contains the global search function and the logoff button

Refer to the document iTop user guide for details about how to use the application.

Managing users
ITop provides a user management module allowing you to assign users with one or several predefined profiles. Thus an administrator can restrict the access to iTop, and allow users to modify only the objects they are allowed to. As an administrator, you can also define the actions they are allowed to perform by selecting a combination of profiles for a given user.
15

In the current version of iTop, the profiles are predefined; there is no user interface to modify them or to create new profiles. However, this can be handled directly in the MySQL database.

iTop 1.2 Administrator's Guide

Viewing Profiles
Use the Admin Tools / Profiles menu to access the profiles, and see their corresponding definitions as shown below:

Figure 12 When you click on a given profile you get the details.

Figure 13 The tab Users, lists all users having this profile. The tab Grant matrix displays all objects and actions allowed for this profile. Default profiles: Profile Administrator Change Approver Description
Has the rights on everything (bypassing any control) Person who could be impacted by some changes.
16

Change Implementor Change Supervisor Configuration Manager Document author Portal user

Person executing the changes. Person responsible for the overall change execution. Person in charge of the documentation of the managed CIs. Any person who could contribute to documentation. Has the rights to access to the user portal. People having this profile will not be allowed to access the standard application; they will be automatically redirected to the user portal. Person analyzing and solving the current problems. Person in charge of creating incident reports. Person responsible for the service delivered to the [internal] customer. Person analyzing and solving the current incidents.

iTop 1.2 Administrator's Guide

Problem Manager Service Desk Agent Service Manager Support Agent

Viewing users
The menu User Accounts under Admin Tools module, enables you to see all logins defined for you iTop instance.

Figure 14 When you click on a user you get the following details.

Figure 15

17

A user login is always linked to a contact stored in the CMDB (See Using CMDB module in iTop user guide). Prior to create a login you have to make sure that the user is documented as a contact in the CMDB. The tab Profiles list all profiles that are linked to this user. The tab Grants matrix display rights allowed for this user. It is the merge of all rights corresponding to associated profiles. The tab Allowed Organizations display list of organization this user is allowed to see.

iTop 1.2 Administrator's Guide

Creating a user
To create a new user you just have to click on New in action drop down list, from either user list or a given user detail. Following wizard then appears:

Figure 16 You can define different type of users: iTop user that are internal to the application with their password stored (encrypted) in the database. This is useful for administrative users or for users/logins to be used to scripts or other applications. LDAP user for which the authentication is managed by an external LDAP or Active Directory server. External user for which authentication is managed directly by the web server, for example when using an Apache .htaccess file or when using an external single-sign-on solution, like for example JASIG-CAS. All the details about authentication in iTop are described in the document How to setup iTop Authentication [1]. If you decide to create an iTop user, you have to define the password, and type it exactly two times. An exclamation sign appears at the right of the password field while both passwords are not the same.

Figure 17 You can as well define the language for this user. (See iTop localization page 31 for the complete list of supported language) Whatever type of user you create, you have to link it to an existing contact in iTop CMDB
18

Then you define, in the tab profile, the profile for the corresponding user. You have to define at least one profile.

iTop 1.2 Administrator's Guide

Figure 18 The Add Profiles ... button displays the search window for selecting the profiles you want to assign to the user.

Figure 19 The profiles assigned to the user can be changed later on using the Modify action for a user.

Restricting access to a set of Organizations

You can restrict the user access to a specific list of organizations using the Allowed Organizations tab. If no organization is selected, the user is allowed to see all of them. In case of a hierarchy of organizations (when some organizations have a parent organization), the rights are inherited from the parent to the child organizations. In other words, if a user has the rights to access the parent organization, then this user has also the rights to access all the child organizations of this organization.

19

All the objects belonging to an organization which is forbidden to a given user are completely hidden from this user. For this user, the application behaves as if such object did not exist. For example if the contact corresponding to this user is in a forbidden organization, it looks like (for this users) the contact does not exist. And thus will prevent this user from accessing the iTop portal! The selected organizations can be changed later on using the Modify action for a user.

iTop 1.2 Administrator's Guide

Figure 20

Changing a user password

The administrator can change a user password if required by simply using the Modify action for a user. This can be useful to reset the password of a user. Note: The passwords are stored encrypted (one way) in the iTop database, and therefore cannot be reconstructed from the content of the database.

Managing Organizations
Organizations are used in iTop to group object into silos. Only administrators and configuration managers can add or remove organizations. To add or modify an organization you have to click on Organizations in the Data Administration module and click on New button.

Figure 21 The form to create an organization enables you to define: The name of the organization Its code Its status And a parent organization if you want to create hierarchy

20

iTop 1.2 Administrator's Guide

Figure 22 You can later modify the attribute of a given organization by clicking on Modify action.

21

Viewing the data model

iTop 1.2 Administrator's Guide

You can view the current data model used by iTop by clicking on the link Data Model in the Admin Tools menu. An explorer tree-view allows you to navigate through the hierarchy of classes (in alphabetical order).

Figure 23 Clicking on a class name gives you the details for this class.

Figure 24

22

Data model tabs definition: Tab Attributes Search criteria Referencing classes Related classes Lifecycle Notification

iTop 1.2 Administrator's Guide

Description Displays all the attributes for this class. Displays all the attributes you can use in search forms or in OQL Displays all classes having a reference to the current one Displays classes related to this one via an external key Displays the lifecycle graph for the class and some related information Display the notifications configured for the selected class.

23

Running Object queries

iTop 1.2 Administrator's Guide

The menu Run Queries allows you to test OQL queries (See OQL reference guide). It includes as well some predefined queries to be used as examples (click on Query Examples at the top)

Figure 25 Enter OQL expression in the text area, and click on Evaluate to get the result.

Managing Notification
iTop integrates a notification system which is linked to the life cycle of the objects. This allows administrators to define e-mail notification rules when an object of a given class enters or leaves a specified state, or when a new object is created. The notification mechanism is divided in two parts: Triggers that define when notifications are to be executed and for which type of object Actions that defines the actions taken. In the current version of iTop, the only available actions consist in sending email. For a given trigger you can define several actions to be executed, and their sequence. The link Notification in the Admin tools module enables you to define triggers and actions:

24

iTop 1.2 Administrator's Guide

Figure 26 The Triggers tab displays all created triggers. The Actions tab displays all Actions

Creating an action
Before creating a useful trigger, you need to define at least one action. It is a kind of template for formatting e-mail to be sent. To create a new action, go to action tab and click on New in action drop down list. The following wizard appears:

Figure 27 You have to define at least a from e-mail address, and to whom you want to send the e-mail. Be aware that the from e-mail address has to be a valid one otherwise your mail server may refuse to send the message.
25

The contacts to be notified in the To, Cc, and Bcc are defined by an OQL query. This allows to specifiy mutilple recipients for the notification, like all the contacts attached to a ticket or all the contacts on the impacted site. (Refer to the document OQL Reference guide [2] for more information about writing OQL queries) This OQL query must return a list of objects containing an e-mail attribute: Contact Person Team For instance To: SELECT Person WHERE name LIKE John. The query can contain placeholders (using the syntax :this->attribute) that refer to the current object for which the notification is being sent. For example: SELECT Person WHERE id= :this->caller_id If the list is empty no mail is sent. The subject field is also mandatory. The body is the text sent. It can use HTML tag for formatting. You can also use attributes of the object that will trigger the action. The syntax to be used is $this->attribute$. There is as well to specific attributes: $this->name()$ is the name of the current object $this->hyperlink()$ is a url to access the current object $this->hyperlink(portal)$ is a url to access the current object in the iTop portal By Default importance of the mail is normal.

iTop 1.2 Administrator's Guide

To test a new action, you can use the status Being tested and Test recipient with a test address. In that case, the notification will be sent to this latter address. Once you notification have been tested and validated, change its status to In Production to have notifications flow to their actual recipients. If you want to de-activate an action, just set its status to Inactive.

Creating a trigger
Once you have actions defined, you can create triggers. You can define three types of triggers: When a new object is created When an object enters in a given state When an object leaves a given state When an object is updqted from the iTop portal To create a new trigger, click on New in action drop down list for the given category in Trigger tab. The following wizard open:

26

iTop 1.2 Administrator's Guide

Figure 28 You have to select which type of trigger you want to create: Trigger (on entering a state) Trigger (on leaving a state) Trigger (on object creation) Trigger (when updated from the portal) Once you have selected the type of trigger you get the following form:

Figure 29 For each trigger you have to define the class of object for which this trigger is applicable and the state (this is not applicable for Trigger on object creation and Trigger (when updated from the portal)). The states available for a class of object are defined in the data model. You can see them in the Life Cycle tab in the section Transitions when you are looking at the data model user interface (Refer to the chapter Viewing the data model, page 22). The value to be chosen is the one between parentheses. Then you have to select the actions to be associated with this trigger in the Triggered Actions tab. Remember that an action can be linked to several triggers. We strongly encourage you to test triggers and actions before moving them to production. As a matter of fact, it is always difficult to understand why e-mails are not sent. You can use the menu Application log where all notifications are tracked to check if a mail was triggered. A detailed log of event describes what happened with a given notification, for an easier troubleshooting. You can as well see which notification had been sent for a given ticket (User Request, Incident, Change) using the tab Notifications in the details of the ticket.

27

Figure 30

iTop 1.2 Administrator's Guide

If you are running iTop on a Linux server, make sure that the variable sendmail_path value in php.ini. For example: sendmail_path = "/usr/sbin/sendmail -t -i" Note: Depending on your actual environment, the configuration may be different. For example it si also possible to use SSMTP as a proxy to the actual mail server, as explained in the following link: http://tombuntu.com/index.php/2008/10/21/sending-email-from-your-system-with-ssmtp/ If you are running iTop on Windows server, you need to make sure that the php.ini file contains the following line: SMTP = <smtp server> smtp_port = 25 In order to test mail notifications you can use, the Test Page: http://<itop server location>/setup/email.test.php This page performs a number of tests and allows you to send a plain-text email to the recipient of your choice. This is useful to validate that the PHP configuration of the server is valid for sending e-mails.

28

Figure 31

iTop 1.2 Administrator's Guide

29

iTop Audit

iTop 1.2 Administrator's Guide

Audit is an iTop feature you to check the consistency of information stored in the iTop database. Using the audit, you can answer questions like: Do we have a hardware support contract linked to all devices in production? or Do we know the localization of all the servers for on-site support? An Audit Category defines group (categories) of audit rules. A rule category also defines a list of objects that are the subject of the associated rules. For instance all devices that are on production. An Audit Rule defines the rule that needs to be checked for a given category. For instance We dont want to have devices on production located on a Site in implementation. To add or modify an audit category or an audit rule, click on Audit Categories in the Admin tools module.

Audit Categories
An audit category is defined by a name, a description and a definition set. The definition set defines the scope of objects that will be subject to the related audit rules. It is an OQL query.

Figure 32 Once your new audit category is created, click on Modify in Action list, and select Audit Rules tab to create new audit rules.

Audit Rules
An audit rule is defined by a name, a description, the query to check and a Valid Object flag. The query defines the list of objects (under the scope defined by the category) that pass/fail the audit. Since it is sometimes easier to list the object that pass the audit, the flag Valid Objects ? is used to indicate whether the query returns the valid objects or the invalid ones. Note that a rule is always linked to only one category; and this category determines the scope of the rule.

30

iTop 1.2 Administrator's Guide

Figure 33

iTop localization
Since release 1.0 iTop is designed to support multi-localization. This means that provided the right localization is available in iTop each user can see the iTop user interface in her/his own language. This language is part of the user record created for each user in iTop. The localization of iTop consists mainly in translating a set of predefined PHP files, called Dictionaries. The supported languages in the current release are: Chinese English French German Hungarian Italian Japanese Portuguese (Brazil) Russian Spanish Turkish The default language in iTop is defined during the setup. If you want to change it afterwards, modify the configuration parameter 'default_language' in config-itop.php

Data backup
In iTop all the data (including the uploaded documents) are stored in the MySql database. Therefore it is highly recommended to have a database backup in place on a regular basis. You can run a full backup of the database using the following mysqldump command:
/usr/bin/mysqldump --opt --add-drop-database user=<mysql user> --password=<mysql password> <itop DB> | gzip > <file>

31

Once the content of the database is dumped, just backup this dump and the config-itop.php file to keep a full image of your iTop instance.

iTop 1.2 Administrator's Guide

Background tasks: cron.php

In order to operate properly, iTop maintenance operations and asynchronous tasks must be executed on a regular basis. In order to ease the installation, all the background tasks have been grouped to be launched from a single file: webservices/cron.php The following features rely on the activation of cron.php - Asynchronous emails. By default, this option is disabled. To enable it, set 'email_asynchronous' to 1 in the configuration file - Check ticket SLA. Tickets reaching the limits will be passed into Escalation TTO/TTR states

Scheduling cron.php on Windows

1. Edit the file <itop root>/webservices/cron.params to set the credentials used for cronified tasks (requires administrator privileges) 2. Edit the file <itop root>/webservices/cron.cmd, and set the relevant path for your installation of PHP. If you care about security, it is recommended to change also the path to the parameters file <itop root>/webservices/cron.params and move this file to a place where its content is not served by the web server. 3. Schedule the execution of cron.cmd:
schtasks.exe /create /tn "iTop CRON" /sc minute /mo 1 /tr "\"<itop root>/webservices/cron.cmd\""

Scheduling cron.php on Linux/Unix

1. Edit the file <itop root>/webservices/cron.params to set the credentials used for cronified tasks (requires administrator privileges) 2. If you care about security: move the file <itop root>/webservices/cron.params into a directory not in the scope of the web server (Apache), and make it be readable only by the account that will execute the cron 3. Edit the crontab and add the following line:
* * * * * /usr/bin/php <itop root>/webservices/cron.php -param_file=<itop root>/webservices/cron.params

Parameter file
The argument param_file can be used with most of the REST/CLI web services. By convention, the cron.php service searches for a parameter file name cron.params A parameter file contains key/value pairs. It can be commented: any character found after `#` will be ignored Example:
# This is a parameter file # # If a parameter is given both in the file and in the arguments,
32

# then the value given as argument is retained # # Authentication auth_user = qwertyuiop auth_pwd = ded!catedL0g1n # My web service size_min = 20 # Megabytes time_limit = 40 # Minutes

iTop 1.2 Administrator's Guide

Integrating with other application

Using iTop from the command line
Before using any of the iTop pages that can be run from the command line (like import.php for instance), make sure that the user that will be used to run the command line has enough rights to read the iTop configuration file (config-itop.php). If you get an error like: PHP Warning: file_get_contents(/opt/test2/html//config-itop.php): failed to open stream: Permission denied in /opt/test2/html/core/config.class.inc.php on line xx, then verify that the process running from the command line has enough rights to read the iTop configuration file.

How to export data out of iTop

Set of iTop objects can be exported by the mean of a REST web service that can be easily scripted. This webservice is based on an OQL query, which defines the list of objects to export, and a format specifier that determines the desired export format.

Arguments
Argument param_file auth_login auth_pwd login_mode expression format fields Description Parameters file User login - CLI mode only User password - CLI mode only basic, form, external or cas OQL query html (suitable for integration with MS-Excel), xml or csv coma separated list of attributes (e.g. "name,brand,model") ; ignored for XML output ; ignored for HTML for versions earlier than 1.2 (RC) Defaut value Defined in config-itop Mandatory! html All the attributes of the class specified by <expression>

You can use command line tools, like wget, to automate such an export from another system, or simply, run export.php from the command line: Example 1: from the command line (on the iTop server)
php /var/www/itop/webservices/export.php --auth_login=john --auth_pwd=trust,no1 -expression="SELECT Server" --format=csv --fields=name,management_ip

33

Example 2: using wget to get the data from another system

iTop 1.2 Administrator's Guide

wget --http_user=user --http_password=password "http://<server>/webservices/export.php?login_mode=basic&format=csv&expression=..."

Examples: Get all the contacts, use the following OQL expression: SELECT Contact Which gives the following command line:
wget --http_user=user --http_password=password "http://<server>/webservices/export.php?login_mode=basic&format=csv&expression=SELECT Contact"

To get all the persons (note that a person is contact also, but it has more attributes to be exported: first_name and employee_number): SELECT Person Which gives the following command line:
wget --http_user=user --http_password=password "http://<server>/webservices/export.php?login_mode=basic&format=csv&expression=SELECT Person"

Remarks: Under Unix/Linux the URL to the page being queried must be enclosed within double quotes, because of the ampersand character (&) that the shell interprets as the end of the command (and spawns a background process with the command represented by the remaining of the line). The parameter login_mode=basic forces iTop to use the HTTP Basic Authentication scheme which is compatible with most command line utilities like wget, LWP, etc

Data import and data synchronization

Starting with version 1.1, iTop integrates a powerful data synchronization engine. This engines allows iTop consultants to federate several sources of information (like third party applications) into iTop. This federation is defined in iTop using "Data Sources" objects. Each data source defines how iTop handles the synchronization of a given type of object from a given source. For example it is possible to specify that iTop federates servers information coming from a network discovery tool and servers information coming from an asset management tool, with specific rules determining how the information is to be reconciled, which field is synchronized from which source, and with what effect for the end-users in iTop. The picture below summarizes the information flow from an external data source into iTop.

34

iTop 1.2 Administrator's Guide

The on-going process for synchronizing data with iTop is based on the following steps: 1. Extract data from the external source/application [not handled by iTop] 2. Transform the data to a content suitable for iTop [not handled by iTop] 3. Import the data into a temporary table in iTop [can be handled by iTop or an external application] 4. Search for matching objects in iTop [handled by iTop] 5. Create/Update or Delete the synchronized objects in iTop [handled by iTop] 6. Display and manage the synchronized object in iTop To implement a Data Synchronization in iTop follow the steps below: 1. From the iTop admin menu, define a "Data Source" object, for the type of objects you want to import/synchronize. This creates a specific "replica" table in the iTop database, named "synchro_data_xxx". (Once the data source is created, check the "Attributes" tab of the data source. The name of the temporary table is displayed at the top.) 2. Using either your favorite ETL or plain old scripts, populate the "synchro_data_xxxx" table corresponding to the "Data Source" with the data coming from the external source. You can use the special column "primary_key" for storing any identifier of the object in the external application. Each record in this table will correspond to one object in iTop. The column "id" is reserved for use by iTop and cannot be written. All other columns correspond to fields of the iTop object. 3. Trigger the execution of the data synchronization between the iTop objects and the "replicas" of the temporary table by executing the page "synchro/synchro_exec.php" either in command line mode, or by invocating the web page (using wget for example). Of course you can schedule the steps 2 and 3 on a regular basis (hourly, daily or weekly) at will.

Using direct MySQL commands to populate the synchro_data_xxx table

If you populate the table synchro_data_xxx using SQL commands, you must take care of duplicates. Remember that each record in the synchro_data_xxx table corresponds to one object in iTop. You can either construct a value the uniquely identifies the "source" object and store this value in the "primary_key" field of the table, or use any combination of the record's field and MySQL's INDEX feature to ensure this uniqueness.
35

Provided that the appropriate index exists on the table, you can then use the MySQL command INSERT ... ON DUPLICATE KEY UPDATE ... to import the data. Example 1: if you import servers from OCS inventory, you can use the field "id" from the Hardware table to uniquely identify a server. The value of this field can be stored in the 'primary_key' field of the data_synchro_xxx table and used as a unique index. First, make sure that the field "primary_key" is a unique index for the table:
ALTER TABLE synchro_data_xxx ADD UNIQUE INDEX(primary_key);

iTop 1.2 Administrator's Guide

Then you can use the following query to insert records in the data_synchro_xxx table:
INSERT primary_key, name, org_id INTO data_synchro_server_1 VALUES (100, 'myserver.demo.com', 'Demo') ON DUPLICATE KEY UPDATE name=VALUES(name), org_id=VALUES(org_id);

Note that MySQL also allows a multiple insert statement like the following:
INSERT primary_key, name, org_id INTO data_synchro_server_1 VALUES (100, 'myserver.demo.com', 'Demo'), (101, 'myserver2.demo.com', 'Demo'), (102, 'myserver2.demo.com', 'Demo') ON DUPLICATE KEY UPDATE name=VALUES(name), org_id=VALUES(org_id);

Example 2: if your unique key for identifying the servers is the name of the server and the name of the organization, you can do the following: First create a unique index on these two fields in iTop:
ALTER TABLE synchro_data_xxx ADD UNIQUE INDEX(name, org_id);

then you can import the data in iTop using the following MySQL statement:
INSERT name, org_id, location_id INTO data_synchro_server_1 VALUES ('myserver.demo.com', 'Demo', 'Paris') ON DUPLICATE KEY UPDATE location_id=VALUES(location_id);

How to specify a list of related objects (link set)

Some classes have attributes called Link Set. Example: UserLocal.profile_list You can synchronize those lists by writing all the information in the corresponding column: Here is an example specifying that the login will have one profile: 'Portal User'
INSERT login, profile_list INTO data_synchro_userlocal_1 VALUES ('johndoe', 'profileid->name:Portal User;reason:Customer')...;

You can also specify several links (several profiles) by separating each link with the pipe (|) character.

36

Data Source Definition

iTop 1.2 Administrator's Guide

The "Data Sources" are defined using the menu "Admin Tools/Synchronization Data Sources". Each data source defines:

The "target" class of the objects to be synchronized The list of attributes/fields of the objects to synchronize How to search/reconcile the objects with the objects already existing in iTop The rules of synchronizing/updating and possibly deleting objects in iTop How the synchronized objects behave for the iTop end-users (which fields are read-only, are users allowed to delete the objects...) An optional hyperlink and icon to refer iTop users to the corresponding object in the external application

Synchronized Configuration Items

When a configuration item is synchronized with a data source, its display is a bit different in iTop. The actions on this CI may also be limited depending, on the configuration of the data source. For example: the fields of the object that are synchronized may appear as read-only for the end users and iTop can prevent the users from deleting a synchronized object. The exact behaviour of the synchronized CI is determined by the properties of the data source. The screenshot below depicts what a synchronized "Server" will look like in iTop. (Notice the "lock" icon in the object's title and the tooltip attached to it).

37

iTop 1.2 Administrator's Guide

What is the difference between CSV Import and Data Synchronization?

Data synchronization is meant to import data into iTop, from another system, in a recurring manner. It can be run from the command line or from a web service, but not interactively. Data Synchronization is optimized for large volume of data that do not change very often. For example you may synchronize 10,000 contacts from an LDAP server, in iTop, once per day. Everyday probably only a small percentage of the users' records will be modified. This is efficiently handled by iTop. When synchronizing data, iTop keeps track of the relationship between the iTop object and the source of the data. Therefore it is possible to prevent the users from modifying the synchronized objects (partially or totally) in iTop and to tell them where the data comes from. This is useful for "federating" several sources of data in iTop. The CSV import (which can run interactively or from the command line) is more targeted towards "one shot" import. It can be used from a script (using the command line interface or the webservice) or interactively. When performing a CSV import, iTop does not record information about the source of the data. Once the data have been loaded into iTop, the objects can be modified by the authorized users, without any reference to the original source. To summarize: CSV import is good for:

importing initial data in iTop performing bulk transformations on the data (sometimes it's easier to export / modify in Excel / re-import than to edit the objects directly in iTop)

Synchronization is good for:

federating data between different systems in iTop importing data via some scheduled mechanism preventing users from modifying the imported data

38

iTop 1.2 Administrator's Guide

How to import data in iTop
The CSV import feature of iTop is available as an interactive page (Data Administration / CSV Import), as a (REST) web service or as a command line tool. The command to execute is the following (On Unix / Linux) php import.php <parameters> (On Windows) php.exe import.php <parameters> Parameter Name auth_user Description The iTop user with enough rights to create/update the destination objects The password corresponding to the auth_user class of the objects to be loaded Local file containing the CSV data to be loaded yes Mandatory

auth_pwd class csvfile charset

yes yes yes

Character set encoding of the optional, defaults to [UTF-8] CSV data: UTF-8, ISO-8859-1, WINDOWS-1251, WINDOWS1252, ISO-8859-15 column separator in CSV data optional, defaults to ; test qualifier in CSV data optional, default to [retcode] to return the count optional, default to of lines in error, [summary] to summary return a concise report, [details] to get a detailed report (each line listed) name of the columns used to optional identify existing objects and update them, or create a new one If set to 1, then the load will not be executed, but the expected report will be produced optional, default set to 0

separator qualifier output

reconciliationkeys

simulate

Example:
$> php q import.php --auth_user=admin --auth_pwd=admin --class=Server --csv_file=servers.txt
39

REST web service A web service allows you to write a script to enter new data, or refresh existing data. This can be helpful for the initial load or to schedule a daily synchronization of the data coming from an external data source - could be another application, an automated data collector, etc.

iTop 1.2 Administrator's Guide

/webservices/import.php?class=Organization&csvdata=<multine-csv>[&separator=<char>] Note that this service emulates the functionality provided by the interactive bulk load: /pages/import.php csvdata must be posted, the first line will contain the codes of the attributes to load. It uses the default reconciliation keys defined in the data model for identifying objects to load. Parameters for import.php web service: Parameter Name class csvdata charset Description class of loaded objects Data to load yes yes Mandatory

Character set encoding of the optional, defaults to [UTF-8] CSV data: UTF-8, ISO-8859-1, WINDOWS-1251, WINDOWS1252, ISO-8859-15 column separator in CSV data optional, defaults to ; test qualifier in CSV data optional, default to [retcode] to return the count optional, default to of lines in error, [summary] to summary return a concise report, [details] to get a detailed report (each line listed) name of the columns used to optional identify existing objects and update them, or create a new one If set to 1, then the load will not be executed, but the expected report will be produced optional, default set to 0

separator qualifier output

reconciliationkeys

simulate

The answer is given in a simple html format, explaining what has been done for each row of data. Example: A script that creates a company called "Food and Drug Administration" (code FDA).

40

$> wget --header="Content-Type:application/x-www-form-urlencoded" --post-file=data.txt http://<yourserver:port>/webservices/import.php?class=Organization

iTop 1.2 Administrator's Guide

with: data.txt containing the following text auth_user=<username>&auth_pwd=<pwd>&loginop=login&csvdata=name;code Food and Drug Administration;FDA Combodo;CBD

41

Example of script for importing CSV data

iTop 1.2 Administrator's Guide

The following script queries data about Servers from a local database (in this case an instance of OCSng) and imports the resulting information as Server objects into iTop.
#!/usr/bin/perl use DBI; use CGI; use Net::DNS; # OCSng database connection $OCS_DB_hostname="localhost"; $DB_login = "root"; $DB_pwd = "root";

$dsn = "DBI:mysql:database=$OCS_database;host=$OCS_DB_hostname"; $dbh = DBI->connect($dsn, $DB_login, $DB_pwd) or die "Echec connexion"; $dbh->{FetchHashKeyName} = 'NAME_lc';

$tmp_dir="/tmp"; $serverFile="$tmp_dir/serverData.txt"; # iTop user/credentials used for web service connection $itop_user="admin"; $itop_pwd="admin"; $itop_organization="Demo"; #This has to be replaced by a valid Organization in iTop $itop_device_status="implementation"; #This flag simulate the synchronization #You can view result of data to be imported in you $tmp_dir directory # in file pcData,serverData.txt, and ifData.txt # Set the flag below to 1 to simulate the import in iTop instead of running # the import for real $simulate_flag=0; ### Query the servers from OCSng $requete = " select name, osname,workgroup, osversion,oscomments,processort,memory,ipaddr,wincompany,winowner,userdomain,userid,sma nufacturer,smodel,ssn from hardware h,bios b where h.id=b.hardware_id "; $sth = $dbh->prepare($requete); open(WRITE,">$serverFile") || die ("Failed to open $serverFile") ; $sth->execute(); print WRITE "auth_user=$itop_user&auth_pwd=$itop_pwd&loginop=login&csvdata=name;status;owner_name;o s_family;os_version;management_ip;cpu;ram;brand;model;serial_number\n"; while(my $row = $sth->fetchrow_hashref){ print WRITE "$name;$itop_device_status;$itop_organization;$row->{osname};$row>{osversion}-$row->{oscomments};$row->{ipaddr};$row->{processort};$row->{memory};$row>{smanufacturer};$row->{smodel};$row->{ssn}\n"; } close(WRITE); # Disconnect from OCSng DB $sth -> finish; $dbh -> disconnect;

42

# Call the Rest web service (using wget) to import the CSV file into iTop

iTop 1.2 Administrator's Guide

$cmd=`wget --http-user==$itop_user --http-password==$itop_pwd --post_file=\"$tmp_dir/serverData.txt\" \"http://localhost/itop/webservices/import.php?class=Server&output=details&simulate=$si mulate_flag\"`;

Soap web service for incident ticket creation

iTop provides a SOAP web service to create an incident ticket. This is very useful if you want to integrate iTop with monitoring systems like Nagios, Zabbix, The WSDL catalog is available from http://<itop path>/webservices/itop.wsdl.php This web service requires parameters mandatory for incident ticket creation: Title Description Caller Customer Service Sub service category Workgroup Impacted Cis (optional) Impact Urgency Feedbacks are sent in XML format in order to check what had been done on the iTop server, including the ticket number when the ticket is properly created.

Example script for creating an Incident:

<?php require_once('./itopsoaptypes.class.inc.php'); // From iTop / webservices $host=$argv[1]; $service=$argv[2]; $serviceStatus=$argv[3]; $serviceStateType=$argv[4]; $serviceMessage=$argv[5]; # # # # # $HOSTNAME$ $SERVICEDESC$ $SERVICESTATE$ $SERVICESTATETYPE$ $LONGSERVICEOUTPUT$

// iTop location and credentials $sItopServer = 'http://localhost'; $sItopUser = 'admin'; $sItopPwd = 'admin'; $itop_webserver_soap_catalog = $sItopServer.'/webservices/itop.wsdl.php'; $oSoapClient = new SoapClient( $itop_webserver_soap_catalog, array( 'trace' => 1, 'classmap' => SOAPMapping::GetMapping(), // defined in itopsoaptypes.class.inc.php ) ); $sTitle='The service '.$service.' is in state '.$serviceStatus; $sDescription='This is a test'; $caller='Picasso'; // to be replaced by valid value in iTop $customer='Demo'; // to be replaced by valid value in iTop $service='Computers and peripherals'; // to be replaced by valid value in iTop $sub_service='Repair'; // to be replaced by valid value in iTop $workgroup='Hardware support'; // to be replaced by valid value in iTop 43

iTop 1.2 Administrator's Guide

if ( $serviceStatus != 'OK') { switch($serviceStateType) { case 'HARD': $oRes = $oSoapClient->CreateIncidentTicket( $sItopUser, /* login */ $sItopPwd, /* password */ $sTitle, /* Title */ $sDescription, /* Description */ new SOAPExternalKeySearch(array(new SOAPSearchCondition('name',$caller))), /* caller */ new SOAPExternalKeySearch(array(new SOAPSearchCondition('name',$customer))), /* customer */ new SOAPExternalKeySearch(array(new SOAPSearchCondition('name',$service))), /* Service */ new SOAPExternalKeySearch(array( new SOAPSearchCondition('name', $sub_service), new SOAPSearchCondition('service_name', $service) )), /* Sub category */ '', /* product */ new SOAPExternalKeySearch(array(new SOAPSearchCondition('name', $workgroup))), /* workgroup */ array( new SOAPLinkCreationSpec('Device', array(new SOAPSearchCondition('name', $host)), array() ), ), /* impacted cis */ '1', /* impact*/ '1' /* urgency */ ); if ($oRes->status == 1) { echo "Ticket: ".$oRes->result[0]->values[1]->value.' '. $oRes->result[0]->label."\n"; } else { print "Request: \n".$oSoapClient->__getLastRequest()."\n"; print "Response: \n".$oSoapClient->__getLastResponse()."\n"; } } } ?>

From the command line you can then run the following command:
$> php -q create_ticket.php webserver.demo.com IIS KO HARD None Ticket: I-000010 created

And the result is iTop is the following Incident ticket:

Soap web service for user request ticket creation

Similarly to the creation of incident tickets, iTop provides a SOAP web service to create user request tickets. The web service is identical (same parameters, same return values) to the web service for creating incidents, except that the method is called CreateUserRequestTicket instead of
CreateIncidentTicket.

The WSDL catalog is available from http://<itop path>/webservices/itop.wsdl.php This web service requires parameters mandatory for incident ticket creation:
44

Title Description Caller Customer Service Sub service category Workgroup Impacted Cis (optional) Impact Urgency

iTop 1.2 Administrator's Guide

Feedbacks are sent in XML format in order to check what had been done on the iTop server, including the ticket number when the ticket is properly created.

Appendix A Configuration parameters

The latest list of configuration parameters can be found on the wiki located at: http://sourceforge.net/apps/mediawiki/itop/index.php?title=ITop_configuration_file
Name access_message Type string Visible ? Yes Description Message displayed to the users when there is any access restriction Default Value iTop is temporarily frozen, please wait... (the admin team) 3

access_mode

integer

Yes

addon_list allow_target_creation allowed_login_types

array bool string

Yes No Yes

apc_cache.enabled apc_cache.query_ttl app_root_url

bool integer string

Yes Yes Yes

application_list buttons_position cas_context cas_debug

array string string bool

Yes Yes Yes Yes

Combination of flags (ACCESS_USER_WRITE | ACCESS_ADMIN_WRITE, or ACCESS_FULL) Automatically populated by the installation process Displays the + button on external keys to create target objects The list (and in which order) of authentication methods that the application allows. The value is a combination of form|cas|basic|external|url If set, the APC cache is allowed (the PHP extension must also be active) Time to live set in APC for the prepared queries (seconds - 0 means no timeout) Root URL used for navigating within the application, or from an email to the application (you can put $SERVER_NAME$ as a placeholder for the server's name) Automatically populated by the installation process Position of the forms buttons: bottom | top | both The CAS context Activate the CAS debug

1 form|basic|ext ernal

1 3600

both

45

cas_host cas_include_path cas_logout_redirect_service cas_memberof

string string string string

Yes Yes Yes Yes

cas_port cas_server_ca_cert_path cas_version cron_max_execution_time

integer string string integer

Yes Yes Yes Yes

cron_sleep csv_import_charsets

integer array

No Yes

csv_import_creations_percentage csv_import_errors_percentage csv_import_min_object_confirmation csv_import_modifications_percentage datamodel_list db_character_set db_collation db_host

integer integer integer integer array string string string

No No No No Yes Yes Yes Yes

db_name db_pwd db_subname db_user deadline_format

string string string string string

Yes Yes Yes Yes Yes

The name of the CAS host The path where to find the phpCAS library The redirect service (URL) to use when logging-out with CAS A semicolon separated list of group names that the user must be member of (works only with SAML e.g. cas_version=> "S1") The port used by the CAS server The path where to find the certificate of the CA for validating the certificate of the CAS server The CAS protocol version to use: "1.0" (CAS v1), "2.0" (CAS v2) or "S1" (SAML V1) ) Duration (seconds) of the page cron.php, must be shorter than php setting max_execution_time and shorter than the web server response timeout Duration (seconds) before cron.php checks again if something must be done An array of character sets names to be added to the ones offered by the CSVImport menu item. Add your own charsets definitions here if the standard list does not fit your needs. Percentage of creations that trigger a confirmation in the CSV import Percentage of errors that trigger a confirmation in the CSV import Minimum number of objects to check for the confirmation percentages Percentage of modifications that trigger a confirmation in the CSV import Automatically populated by the installation process Character set to use for the MySQL database Collation (i.e sort mechanism) to use for the MySQL database Name of the host for the MySQL database server. (e.g. localhost, 192.168.10.234, mydbserver.demo.com, etc.) Name of the MySQL database Password to connect to the MySQL server Prefix of the tables in the MySQL database user name to connect to the MySQL server The format used for displaying "deadline" attributes: any string with the following placeholders: $date$, $difference$

iTop 1.2 Administrator's Guide

/usr/share/ph p

443

2.0 600

50 50 3 50

utf8 utf8_unicode_ ci

$difference$

46

default_language

string

Yes

dictionary_list email_asynchronous

array bool

Yes Yes

encryption_key fast_reload_interval graphviz_path link_set_attribute_qualifier link_set_attribute_separator link_set_item_separator link_set_value_separator log_global

string integer string string string string string bool

Yes Yes No Yes Yes Yes Yes Yes

log_issue

bool

Yes

log_notification

bool

Yes

log_usage log_web_service max_combo_length max_display_limit min_autocomplete_chars min_display_limit module_settings

bool bool integer integer integer integer array

No Yes No Yes No Yes Yes

The default language for the application, used for the login/logout pages. (Selected during the installation) Automatically populated by the installation process If set, the emails are sent off line, which requires cron.php to be activated. Exception: some features like the email test utility will force the serialized mode A "salt" key used for encrypting secured fields in the application. The duration (in seconds) between two reloads of a list, if the reload interval is "fast" Path to the Graphviz "dot" executable for graphing objects lifecycle Link set from string: attribute qualifier (encloses both the attcode and the value) Link set from string: attribute separator Link set from string: line separator Link set from string: value separator (between the attcode and the value itself If set to 1, then the log is active. Which event is logged and where will depend on the following log_.... settings If set to 1, then internal errors (or some usage errors) will be traced both into /error.log (destination file could not be changed) and the DB (OQL: SELECT EventIssue) If set to 1, then notifications sent my the mean of the Trigger/Actions will be recorded into the DB (OQL: SELECT EventNotification) Log the usage of the application (i.e. the date/time and the user name of each login) If set to 1, then usage of the SOAP service(s) will be recorded into the DB (OQL: SELECT EventWebService) The maximum number of elements in a drop-down list. If more then an autocomplete will be used The maximum number of items that a list can display at once, before changing to a paginated list The minimum number of characters to type in order to trigger the "autocomplete" behavior The number of items to display when a list is bigger than "max_display_limit" Automatically populated by the installation process

iTop 1.2 Administrator's Guide

EN US

@iT0pEncr1pti 0n! 60 /usr/bin/dot ' ; | : 1

1 50 15 3 10

47

online_help secure_connection_required session_name skip_check_ext_keys skip_check_to_write skip_strong_security

string bool string bool bool bool

Yes Yes Yes No No No

Hyperlink to the online-help web page

iTop 1.2 Administrator's Guide

http://www.c ombodo.com/ itop-help

standard_reload_interval synchro_trace timezone

integer string string

Yes Yes Yes

webservice_list

array

Yes

Whether or not the application is allowed to run on a non-secure (i.e. non HTTPS) connection The name of the cookie used to store the PHP session id Disable external key check when checking the value of attributes Disable data format and integrity checks to boost up data load (insert or update) Disable strong security - TEMPORY: this flag should be removed when we are more confident in the recent change in security The duration (in seconds) between two reloads of a list, if the reload interval is "standard" Synchronization details: none, display, save (includes 'display') Timezone (reference: http://php.net/manual/en/timezone s.php). If empty, it will be left unchanged and MUST be explicitely configured in PHP Automatically populated by the installation process

iTop

300 none Europe/Paris

References
[1] How to setup iTop Authentication http://www.combodo.com/IMG/pdf/How_to_setup_authentication_with_iTop.pdf [2] OQL Reference guide http://www.combodo.com/IMG/pdf/OQL_Reference.pdf

48