Global Configuration Form
{ }
Overviewβ
The Global Configuration Form (global_config_form) is a centralized storage form which holds data that can be shared across multiple packages for a single client. This is a default form that can be accessed by opening the clients screen in Pia and navigating to the Global Configuration box in the screen. This form can be viewed in the form editor, however it is in a locked state as it is managed by Pia.
The information stored by the Global Configuration form can vary from being specific per client environment to being generic that could be used for multiple environments. For Example: 'UPN of Admin Account' is only stored for Cloud Only and Semi-Hybrid environments however, Password Options are available for any environment type.
The Global Config values stored for a client can be retrieved and used by all the available Pia packages for the client using conditions and activities that are mentioned further below in this article.
Configurationβ
The Global Configuration form holds information that is divided across different sections within the form. Each section contains mandatory and optional fields that can be filled as per requirement.
Modeβ
This is the first section that lets you select the client's environment type. Client environment is determined by where the client has their application and workloads deployed and hosted. In the form, you can select from the following types:
Cloud Hybrid: Select Cloud Hybrid if the client has extended their existing on prem infrastructure to the cloud i.e. if they have their On Prem AD synced to their Office 365.
Cloud Only: Select Cloud Only if the client has their AD and Exchange entirely through Office 365 for example Teams i.e. if they have all the applications and workloads available in Office 365 but have no local or cloud hosted AD
On Prem Only: Select On Prem Only if the client has their infrastructure and applications only available in their local data center i.e. they only work through On Prem AD and Exchange
Semi-Hybrid: Select Semi-Hybrid if some of the client's infrastructure are available on prem and rest are on cloud but they are not synced together i.e. if the client has both On Prem AD and Office 365 but in unsynced condition
Configβ
The form fields in this section differ based on what mode is selected for the client. For each of the mode selected, following fields are available:
Cloud Hybridβ
All staff Group: Add the group name to point the package to retrieve all active staff members. If this is not set, Pia packages will retrieve staff name from all the available groups
Primary Domain Controller: Name of the primary domain controller. This is a required field.
Azure AD connect Server: Name of the Azure AD connect Server. This is a required field.
Exchange Server: Name of the Exchange Server used by the client. This is an optional field.
Cloud Onlyβ
All Staff Group: Add the group name to point the package to retrieve all active staff members. If this is not set, Pia packages will retrieve staff name from all the available groups.
UPN of Admin Account (Graph API Delegated Consent): Add the UPN Name of the Admin Account who has MS Graph Delegated consent. This is a required field.
On Prem Onlyβ
All Staff Group: Add the group name to point the package to retrieve all active staff members. If this is not set, Pia packages will retrieve staff name from all the available groups.
Primary Domain Controller: Name of the primary domain controller. This is a required field.
Azure AD Connect Server: Name of the Azure AD connect Server. This is a required field.
Exchange Server: Name of the Exchange Server used by the client. This is an optional field.
Semi-Hybridβ
All Staff Group: Add the group name to point the package to retrieve all active staff members. If this is not set, Pia packages will retrieve staff name from all the available groups.
Azure All Staff group: Add the Azure group name to point the package to retrieve all active staff members. If this is not set, Pia packages will retrieve staff name from all the available groups.
Primary Domain Controller: Name of the primary domain controller. This is a required field.
Azure AD Connect Server: Name of the Azure AD connect Server. This is a required field.
Exchange Server: Name of the Exchange Server used by the client. This is an optional field.
UPN of Admin Account: Add the UPN Name Admin Account who has MS Graph Delegated consent. This is a required field.
Password Optionsβ
Minimal Length: This is the password complexity configuration used by automations such as User Onboarding and Password Reset. You may set the password complexity requirement is based on your client's company policy.
You can select one or more options below to define how complex the password should be:
- Special
- Numbers
- Uppercase
- Lowercase
Extra Settingsβ
This section includes two checkboxes:
Enable Remote Desktop Config: Will open config form to setup Remote Desktop credentials for the client.
Enable VPN Config: Will open config form to setup VPN credentials for the client.
Remote Desktop Setupβ
Remote Desktop Type: Select the type of Remote Desktop used by the client from the available options. Here are the options available:
- RDP
- RD Web Access
URL/Server Address: Type the Server Address or URL to access the Remote Desktop.
Profile Name: Type the User Profile Name that has access to the Remote Desktop.
Security Group: Type the security group that has access to the Remote Desktop.
Properties: Type the properties of the Remote Desktop.
VPN Setupβ
VPN Provider: Select the VPN Provider used by the client. Here are the options in the form:
- Windows VPN (Built-In to Windows 10, L2tp/PPTP)
- Azure VPN
- WatchGuard SSL
- Cisco AnyConnect VPN
- PaloAlto GlobalProtect VPN
- SSL Enabled VPN
Profile Name: Enter a Profile Name to identify your VPN Profile. This is a required field.
VPN Server Hostname/IP: Enter the VPN Server Hostname or IP to access the VPN.
Properties: Enter the properties of the VPN Profile.
Client Installation:
VPN Access Group: Enter the group that has access to the company's VPN. This is a required field
VPN Type: Select the type of VPN Profile from the available options below:
- Automatic
- Point to Point Tunneling Protocol (PPTP)
- L2TP/IPSec with Certificate
- L2TP/IPSec with pre-shared key
- Secure Socket Tunneling Protocol (SSTP)
- IKEv2
Certificate Download (URL): Add the link to download VPN Certificate for a machine.
Certificate Password: Add the password to access VPN for a machine.
Pre-Shared Key: Add the Pre-shared key to access VPN for a machine. This is a required field.
Authentication Method: Select the authentication method for the VPN from the available options below:
- CHAP
- EAP
- MachineCertificate (Used for L2TP/IPSec with Certificate)
- MSCHAPv2
- PAP
VPN Encryption Level: Select the level of encryption required for the VPN from the available options below:
- Optional
- No Encryption
- Required
- Maximum
Developmentβ
The values stored in the Global Configuration Form can be accessed and used across multiple packages at once. The form includes both mandatory and optional values that can be implemented in packages as per the requirement.
Packages retrieve these values using one of the two methods mentioned below: