This article includes System Settings for On-Premises customers. PSIsafe Cloud customers can contact PSIGEN Support's Cloud IT Admin team for assistance with System Settings.
This article is intended for PSIsafe Administrators. It's important to note that unintentional changes to System Settings can adversely affect your PSIsafe installation.
The PSIsafe Management System Settings area is the core of many advanced features to PSIsafe, and includes sections that modify many of the "backend" areas of the product architecture. System Settings includes the following major sections:
(Click on any header below to jump to that section)
The first tab “Database Connections Registration” displays information about the available registered databases on the given server. Additional databases may be added or edited from this screen.
To display a list of databases, simply type in the system password, ensure the Server Address points to the machine hosting the PSIsafe server, or, if PSIsafe Management is being accessed from the PSIsafe Server itself, using the local loopback "127.0.0.1" will suffice, then hit the "List" button:
Adding/Editing a Database
A new database may be added to the PSIsafe Server at any time. This will require a registration code from either PSIGEN Support or the responsible Sales Representative. A screen such as the one below will be displayed requiring you to enter:
- Database Alias – Name of the new database to be registered, which appears in the "Connect to" field in the login window.
- SQL Server – IP address and instance of the SQL Database. Can be IPv4\SQL Instance name or IPv6 (Machine Name)\SQL Instance
- Database - SQL Database Name.
- Login information for the SQL database - "sa" (sysadmin) user is preferred, as PSIsafe needs sysadmin rights to make changes to the database.
- Customer Name: Name of the Organization.
- Customer Code: Used only by Cloud IT Administrators, not for On-Premise installations (leave default).
For more information on registering databases for your PSIsafe installation, see:
Deleting a Database
Exercise extreme caution when deleting a database connection. This will unregister your database and will cause it to be unavailable to end users.
Highlight the database in question on the initial Database Selection screen and select "Delete".
The system Passwords tab allows a PSIsafe Administrator to reset the system password for PSIsafe. Either the old administrator password must be available or the software license key provided when the database was registered.
Notification and Alerts
The options available under notifications and alerts deal exclusively with setting up email options to work with PSIsafe workflow. PSIsafe Customer's Internal IT with knowledge of the email system being used within your organization must provide these settings. An SMTP (Simple Mail Transfer Protocol) server is the address of an email server that can be used to relay email messages from PSIsafe’s workflow engine. These fields will be self-explanatory to your email administrator.
The workflow frequency settings are used to tell PSIsafe how often to check for new workflow notifications and send them out via email. The rule alerts notification is used as the delta time between checking workflow rule alerts.
The options tab is used to setup miscellaneous options (generally system-wide options). There are four tabs under the system options.
- Enabling Global Versioning – If set, PSIsafe ignores any other versioning settings. If not set, then other versioning settings are followed.
- Enable Document Title Display – Enables Document Title display based on original Filename.
- Management makes extensive use of MSDTC (Microsoft Distributed Transaction Coordinator). In order not to have to configure MSDTC on each client machine which runs Management, simply check this box to use the Server MSDTC settings.
- PSIsafe Administrators: Manage Form Signatures – This is a legacy feature of the Signatures module, which is no longer functional in PSIsafe 11.2+.
- Use Least Restrictive Rights – A user’s individual access rights and the rights of a group (or groups) they are part of may not match within a cabinet. When this occurs, the user will be assigned effective rights. Two restrictive types are supported:
- Most Restrictive (Default): Setting Group rights as ‘Most’ restrictive will apply the lowest level of rights to users who are part of a group.
- Least Restrictive: Will apply the highest level of rights to users who are part of a group.
- When users are in multiple groups and these groups are assigned to the same cabinets, the default setting in PSIsafe is to read rights that are the Most restrictive. This option will allow PSIsafe to read rights that are the Least restrictive.
- Disable Alert Notification (Current Database) – Disables PSIsafe Workflow notifications involving alerts.
- Disable New Workflow Notification (Current Database) – Disables new PSIsafe Workflow notifications.
- Override Preview Browser Lockdown – Allows users to override any lockdowns on the Browser Preview engine.
- Skip Workflow Check for Folder Index Edit – Users are not required to use Workflow when editing Folder Indexes.
- Permanently Delete from Recycle Bin – select staff allowed to permanently delete documents from the Recycle Bin.
- PDF Forms Engine – The Aspose PDF Engine is the only functioning PDF engine in PSIsafe 11.2+. The PDF One Forms engine should not be used for any reason.
The Paths settings in PSIsafe Management have a significant impact on the functionality of many downstream applications and sub-modules of PSIsafe. Only make adjustments to the following when absolutely necessary.
Global Path for Workflow Distribution and Batch Server Synch
Setting the Batch Capture global path works in conjunction with enabling the “Synchronize images with server” option in the Batch Capture module, as seen in the screenshot below in Batch Capture > Options:
With this setting enabled, when a PSIsafe User exits PSIsafe, all unfiled images in the left-hand Import section are synchronized to the PSIsafe server using this specified path.
Note: This path is also used by WorkFlow Distribution. Whenever a document is sent for Workflow Distribution, it will be temporarily stored in this same path location.
Alternate Path for Client Settings and Working Directory
This setting is only used in some unique environments in which the default Client Settings and Working Directory are not feasible. The default location is:
If specifying a different location, ensure that the Cabinet Server Service has full read/write permissions to this location.
Alternate Preview cache files for web storage path
PSIsafe Web's preview uses cached images for supported non TIF and PDF documents. This allows caching to be enabled/disabled and setting the file path. When enabled, the default setting will store the cached images in the repository folder on the server. An alternative path can be set if there is a need to store cached images in another area (e.g. a location that is outside of backed up data to minimize backup file requirements, meet security compliance, etc.).
To set an alternate path: Check the "Edit Alternate Path" box. Enter alternate path. Click Save.
Many PSIsafe Downstream applications take advantage of the PSIGEN API, and are enabled by entering a PSIsafe URI, which is the address of the machine hosting the PSIGEN API. Some examples of PSIsafe Downstream Applications that use the PSIGEN API include: DocuSign, PSIsafe Web (Preview), PSIsafe ATS, and more.
Enable User by Desktop Client - This setting allows the PSIsafe Desktop Client to use the PSIsafe URI to reference the PSIsafe OpenAPI to perform upload and download functions. Disable this option if your organization does not use the PSIsafe OpenAPI.
Timeout (in seconds) - This setting allows Administrators to specify a time value, in seconds, which is a window for which uploads and downloads to the PSIsafe URI and subsequent PSIsafe OpenAPI can complete. If the upload or download does not complete within this allotted time window, the user will experience the following error:
The Filer tab is used to specify the default naming scheme used to save emails dragged from Microsoft Outlook to PSIsafe via Filer. The Document title above is used to construct the document title displayed in Filer when the message is imported from Microsoft Outlook.
Use Slash in Date Format - Use a date format like 10/10/2010 instead of 10-10-2010.
Global Disable Quick Filer - Disables the Quick Filer option for all PSIsafe clients.
PSIsafe Masks may be built to better service unique inputs on certain Folder and Document-level index fields. Additional masks may be added based on user preference. Masks are based on Regular Expressions, a common method of formatting data in a variety of platforms. New masks can be added and customized with a bit of research on Regular Expressions. A user may add regular expressions, however, once added, they cannot be removed.
Regular Expression Mask Details – copy and paste. Click on Save, required fields are Name, Sample, and Regular Expression.
Data Mask in Templates for Document Titles
There are no restrictions to using data masks in Document-level indexes that create document titles. Data Masks are used in folder indexes and the "Automatic naming" checkbox in the Filer window for document titles. A standard set of data masks are made available. These Masks can be modified or a new custom Mask created to suit your needs.
As seen in the screenshot above, templates can be modified to apply masks by default to specific fields. First, click on the ellipse box next to the field within the "Default Value" column, and the select items box will open with the available masks. Users can then select any of the samples available and click "OK".
Categories are used to further define the scheduled event in a PSIsafe Workflow. This allows users to specify the type of content being pushed through a given workflow with these category types.
To add a category, simply click the "Add" button, enter a name for the category, and click "Save". If the category is no longer used, it can be deleted via the "Delete" button. This will not affect previous categories used. A quick search is located in the lower left side of the Categories, which will search all the categories listed.
The Custom Status defines the status of scheduled Workflow item based on user preference instead of default options. Users may add, edit or delete a status and this will not affect previously added statuses for scheduled items.
To add a custom status, simply click the "Add" button, enter a name for the status, and click "Save". If the status is no longer used, it can be deleted via the "Delete" button. This will not affect previous statuses used. A quick search is located in the lower left side of the Custom Status, which will search all the statuses listed.
This login policy setting is set per database. If the policy is enabled, consecutive failed login attempts are monitored based on the policy settings. The user may be locked out once, twice or have his account disabled.
Disable Auto Login - Disables users selecting "Auto Login" option in PSIsafe's login window.
Detailed below are the three stages of Login Policy Enforcement:
When a user’s consecutive failed login attempts reaches the “Number of failed attempts before first lockout” setting, the user is first locked out for a specified duration obtained from the setting “Duration of first lockout (min)”. During this lockout time, the user is not allowed to login and will receive the “Account temporarily locked out” message.
Once the lockout duration has elapsed, a successful login will reset the failed attempts count, but if the failed logins
persist and the number of attempts reaches the sum of “Number of failed attempts before second lockout and after first lockout” and the “Number of failed attempts before first lockout” settings, the user is locked out again for a specified duration obtained from the setting “Duration of second lockout (min).” During this lockout time, the user is not allowed to login and will receive the “Account temporarily locked out” message. (see message above)
Once the second lockout duration has elapsed, a successful login will reset the failed attempts count, but if the next login attempt results in a failure, the user account is disabled and will require the system administrator to enable the account. The message received immediately after this would be “Account disabled due to security policy violation. Please contact your administrator.” Any further failed attempts will see the generic “Account disabled. Please contact your administrator” message.
Default Configuration (see configuration added by client above):
- Login Failure Policy is not enabled (client checks Enable Policy).
- Number of failed attempts before first lockout: 3.
- Duration of first lockout: 2 Minutes.
- Number of failed attempts before second lockout and after first lockout: 3.
- Duration of second lockout: 2 Minutes.
Administrator may set Login Failure Policy based on their security plan.
Note: The Login Failure Policy and its settings can be enabled or modified only by the system administrator and can be accessed from the System>Settings section in the Management Console.
This is a legacy module of PSIsafe and is no longer functional in PSIsafe 11.2+. The Messages tab would allow Administrators to create custom labels for users to apply to messages within the Messages module, which is deprecated as of PSIsafe 11.2+.
Maximum allowed for Auto Preview (MB): This is a legacy feature of PSIsafe 11.1 and previous, and is no longer functional on PSIsafe 11.2+. Any previewed file will render in the Preview Pane, no matter the filesize, due to improvements in the Preview Module's rendering performance.
Fast Preview (Minimum allowed file size): This is a legacy feature of PSIsafe 11.1 and previous, and is no longer functional on PSIsafe 11.2+. Any previewed file will render in the Preview Pane, no matter the filesize, due to improvements in the Preview Module's rendering performance.
Email Attachments (Maximum total size allowed): For PSIsafe Web users subject to email attachment limits, this setting can limit the sending of very large emails. The default size total file size is 20 MB. This setting is for PSIsafe Web only. Emailing documents as attachments from PSIsafe Web will restricted the file size set here. This setting is for the total file size of all the attachments put together in a single email.
File transfer packet size (KB): default is 4096 and should only be changed when instructed by PSIGEN Support, for unique cases that prevent the download of specific filetypes on certain builds.
PSIsafe's SHARE settings determine the minimum level of user rights required to use the SHARE module to send PSIsafe content to an external user.
This area control the ability for users to both have Password Reset enabled, as well as a Security Challenge. Additionally, the parameters of a Password Policy can be controlled.
The Tools area is designed to fix common issues encountered in PSIsafe over long periods of time. This includes a variety of database maintenance and diagnostic tools.
PSIsafe allows the capability to display the file size of every document stored in PSIsafe, particularly if a file is registered as 0KB, which would indicate that the metadata for that file is stored in the SQL Database attached to your PSIsafe installation, but no corresponding file could be found on the disk.
This screen contains a procedure for going through all of the cabinets checking for any of these erroneous 0KB files. Simply select the cabinet(s) to be updated from the list to the left and click the "Go" button. The progress bars will display the status of the ongoing operation. This may take a considerable amount of time for cabinets with large quantities of documents. Until this operation is complete, the file size in the cabinets may not be accurate.
Once complete, a list of 0KB documents will be presented to the user. These are files which have no data stored in them. There can be several reasons for this. Perhaps the file has been corrupted on the hard drive and needs to be restored from backup. Prior versions of PSIsafe allowed for the storage of 0KB files, so it may just be a leftover from prior versions. Each of these 0KB file should be evaluated. The list can be saved to a spreadsheet via "Save Results to File".
The Diagnostics section of the Tools area is designed to quickly fix a variety of issues that can occur in PSIsafe over long periods of time, or between upgraded installations. If users are encountering any issues with files in a specific cabinet, select the cabinet in question via the "Cabinet" button, and select each of the four "Process" buttons independently. This will perform basic metadata checks and automatically fix any errors detected.
The only function of this screen is to improve the performance of PSIsafe in a variety of loading scenarios by aligning the indexes of the SQL database to match the most commonly used areas of your installation. The "Set All Indexes" function should be performed on a regular basis to ensure your PSIsafe installation maintains high performance standards.
Bottom Bar of PSIsafe Management
The status bar at the bottom of the PSIsafe Management Application displays information about the current settings for the selected PSIsafe Installation, including:
- PSIsafe Server - is the IP address of the server where the server software is installed.
- SQL Server - is the IP address of the server which has the SQL software installed. These servers can be located on physically separate machines.
- DB – the name of the database currently logged into.
- User – the name of the user logged into Management.
Keywords: PSIsafe Management System Settings, PSIsafe Management Options, PSIsafe Management Key Concepts, How to create Scheduler Categories, How to create Status, PSIsafe Management System Settings