Introduction to Settings
The Settings menu allows you to configure different parts of the Teramind Dashboard, Agent, Security, Alerts, etc.
Click on a tab at the top to open individual settings pages.
Some settings, such as the SMTP and Server, are only available on On-Premises/Private Cloud deployments. Some options within certain settings aren't available to all deployments either. For example, the Agent automatic update under the Agents settings is only available on Cloud deployments.
SMTP
This option is available on On-Premises/Private Cloud deployments only.
For sending notifications, delivering scheduled reports, and facilitating other communications, Teramind employs the SMTP email standard. You can specify your SMTP server configuration on this page to enable proper access for Teramind.
Server configuration:
1. Enter the SMTP Server and Port. Consult your email server's settings or contact your email provider for the SMTP configuration.
2. Provide the Sender Email. Teramind's outgoing emails will use this address.
3. Optionally enable Send instance hostname. This disabled-by-default option sends the client's hostname to the server, aiding in resolving email relay issues with services like Gmail.
4. Enter the Username and Password for the SMTP server.
5. Select an Encryption option: SSL, TLS, or None.
6. Enable Verify Server Certificate (optional) to access the Upload trusted certificate section. Click Select file to upload a trusted CA certificate (.pem or .crt file). Disabling this forces the system to ignore invalid certificates, useful for self-signed certificates. Click the Trash Can 
icon to delete any uploaded certificate.
7. Once configured, Test your SMTP settings. Enter an email address and press Save changes and send test to send a test email.
Alerts
On the Alerts tab, you can customize how users receive various alert emails, configure the alerting frequency, and personalize the appearance of the alert messages.
Exceeding license alerts:
1. When the Send license overutilization daily email alert option is enabled, Teramind sends daily email alerts to specified addresses if the number of monitored users exceeds the license limit. The email looks like this:
Daily Digest Email Alerts
2. By default, only administrators receive the daily digest/snapshot report via email. Enabling the Send daily snapshot emails to department managers option will also send the report to department managers.
This email report includes sections like Alerts, Emails, Instant Messaging, Printing, and Websites, but you can customize which sections are included.
The report's appearance is identical to what administrators receive, but the data displayed is filtered to show only the users assigned to the specific department manager:
You can toggle the Disable Daily Digest Report option for an employee from their profile, under the Account tab.
Alerts and Limits:
3. The Alert emails limit field sets the threshold for grouping identical alerts into a single email digest. The system will send this specified number of individual alert emails before consolidating subsequent identical alerts into a summary email. For Cloud deployments, the range is 1-100; for On-Premises/Private Cloud deployments, it's 0-1000. Setting this value to 0 will send each alert individually. The default is 16 emails.
4. The Maximum daily alerts count field limits the total number of alerts logged by Teramind per alert type each day. You can also configure an alert limit at the rule level within the rule's Advanced Mode action panel (using the "Choose maximum number of saved alerts per day" option). The default is 5 alerts.
5. The User notification alert threshold field applies to rules with a Warn or Block action. This threshold defines the minimum time interval, in seconds, between alerts displayed to the user. Setting it to 0 will show users every triggered alert, regardless of frequency. The default is 120 seconds.
6. The Log alert threshold field determines the minimum time interval, in seconds, between logging alerts within the Teramind system. Setting this to 0 will log every triggered alert without any limitation. The default is 1 second.
7. The Rule task selection action timeout field allows you to define the timeout period (in seconds) when automatically switching tasks using the Switch Task rule action:
If a user changes their activity and stays in the new activity for the specified duration, the rule will be re-evaluated.
If a user begins an activity and no Switch Task rules are in place, their task will automatically change to the default task (see the Default Task option under Agents settings) after the defined number of seconds. The default timeout is 300 seconds (5 minutes).
Custom alert template:
8. This section controls the appearance of HTML rule alert messages.
Certain rule Actions, like Warn and Block, allow you to display these messages using an HTML template by enabling the Use HTML Template option:
The Position on screen option lets you choose where the alert message appears (e.g., Center, Top right, Bottom left). The default is Center. You can also specify the Width and Height of the message box.
You can customize the visual style of these rule messages by entering HTML code in the HTML Template field.
Here's an example of how an HTML alert message might appear on a user's computer:
Here are the Custom alert template settings used for the above example:
Position on screen | Center |
Width | 500 |
Height | 140 |
HTML template: | <center><div style="background-color: #ffdddd; padding: 16px; font-family: Arial;"><p style="color: #d8000c; font-size: 20px;">%ALERT%</p><button style="padding:5px; width:70px; background-color: #f44336; color: white;">OK</button></div></center> |
You can incorporate dynamic variables like ALERT and DETAIL within your messages. Additionally, alerts can include interactive buttons such as OK and CANCEL. For visual enhancements like icons or logos, you can also embed base64-encoded images directly into your HTML.
For detailed instructions on utilizing this customization feature, please refer to this article in our Knowledge Base.
If you don't use the HTML template (by disabling the Use HTML Template option in the rule's action), the alert message will appear as a simple white box with an orange background in the top-right corner of the user's desktop.
Access Tokens
The Access Tokens screen displays existing tokens and enables you to create your own for use with the Teramind API. Administrators can also manage tokens created by other users.
1. Click the Generate New Token button to create a new access token.
2. Click the Edit 
icon (under the Actions column) to edit an access token (note, once a token is created, you cannot edit the actual token, you can only change its label/name). Click the Trash Can icon to archive (delete) a token. You can also click the Three Dots 
to access a token’s Context Menu and select the Edit Access Token or Archive Access Token option to edit/archive a token.
Creating a New Access Token
When you click the Generate New Token button from the Access Tokens tab, a panel on the right side will let you create a new access token:
1. Give the token a label/name.
2. Click the Generate Access Token button. A token will be generated:
3. Click the Copy 
icon or the Copy Token button to copy the token to the clipboard.
Save the token you created in a safe place. You will not be able to view the token once you exit this screen.
Changing the Permissions of an Access Token
By default, only an Administrator, Operational Administrator, or Department Manager can create an access token, and the token inherits the access permissions associated with that account. An Employee or Infrastructure Administrator cannot create an access token.
However, you can still assign an access token to a regular Employee or Infrastructure Administrator with the access permissions available to that account type. To do so:
1. Log in as an Administrator.
2. Create a new admin user or change an existing user's role to the "Administrator" account type.
3. Log in to that user's account.
4. Create an access token.
5. Log out of that user's account.
6. Log back into your account.
7. Change the user's account type to "Employee" or "Infrastructure Administrator".
This way, the access token you created will only have the access permissions of an "Employee" or the "Infrastructure Administrator" account type you assigned in the last step.
Authentication
The Authentication tab allows you to configure access to the Teramind Dashboard. Here, you can set up password policies, Single Sign-On (SSO), Active Directory LDAP authentication, the dashboard settings change confirmation method, and login IP restrictions.
Password + Two-Factor authentication (2FA):
1. Enabling the Enable password + 2FA option allows users to access the dashboard with their Teramind-created email and password. On Cloud deployments, Two-Factor Authentication (2FA) will be automatically enforced. You can also configure password minimum length, complexity, expiration period, and other settings here.
On On-Premises/Private Cloud deployments, this section is called Password. And there is a separate Two-Factor authentication (2FA) option to enable/disable 2FA authentication:
Single Sign-On (SSO):
2. Enabling the Enable SSO option allows users to authenticate to the Dashboard using a Single Sign-On (SSO) service like Okta or OneLogin via the SAML 2.0 protocol.
When you enable this option, additional options to set up the SSO integration will be displayed.
Check out this Knowledge Base article for details on these options and step-by-step instructions on setting up an SSO integration.
Note that even after enabling SSO, newly created users will still need to set a password for making account changes or logging in through the Teramind Revealed Agent.
New Agents:
3. The Auto register new agents option is relevant when using SSO. If enabled, and if no existing agent (user) matches the identity provider's email, a new user account will be automatically created upon login. Once you enable this, you can configure default settings for these new users, such as their ability to view historical playback and activity reports. These options are similar to the ones available on the Account tab of an employee's profile.
LDAP authentication:
4. If you have successfully integrated Active Directory, you might want to use your LDAP domain credentials to log in. In that case, you can enable the Enable LDAP option. Refer to t the Active Directory section for detailed information on AD setup.
Changes confirmation:
5. The Confirmation Method option allows you to customize how changes are confirmed within the Dashboard. Certain settings modifications (e.g., altering an employee's access level) require confirmation before implementation, typically appearing as a dialogue box. By default, this dialogue prompts for your password. The Confirmation Method option lets you select your preferred authentication method for these confirmations. Depending on your setup, you can choose from Password, 2FA Code, and LDAP. Selecting the Disabled option will bypass all confirmation prompts for any changes within the Dashboard.
Notes about the Confirmation Method
If you switch the confirmation method, ensure the new method is configured and accessible. For instance, changing from LDAP to Password requires each admin/privileged user to have a password set on their Teramind account. If a password isn't set, they will be prompted to create one before making Dashboard changes.
Similarly, switching from LDAP to 2FA Code requires users to set up their two-factor authentication. However, this is only possible if the Force 2-Factor Authentication option is enabled. Otherwise, users might encounter issues logging in or making Dashboard modifications.
Therefore, it's crucial to verify that all administrators and privileged users have the chosen confirmation method set up before you change this setting.
Here are some additional points to consider:
2FA Code: This option requires employees to have 2FA enabled and activated on their profile.
LDAP: Employees must log in with their LDAP credentials and possess administrator rights. Additionally, ensure the employee is configured as an External user (in their profile's Account tab). Note that if using a self-signed certificate with this option, you might see an "Invalid confirmation password" error. To resolve this, upload your self-signed certificate in the Activity Directory settings.
If a selected authentication method is unavailable for a user, the Password option will be presented for confirming changes.
Allowed IP addresses for dashboard access:
6. The Allowed IPs option lets you specify the IP addresses that are permitted to log in to the Dashboard.
Active Directory
Teramind can be integrated with Active Directory to import your users, computers, groups, attributes, and other important metadata. Teramind's integration with Active Directory is read-only. Remember, you can still monitor users who are not in the domain by simply installing an agent on their computer.
Active Directory/LDAP integration provides the following benefits:
The ability to report based on the OUs
The ability to filter reports with attributes
The ability to apply rules to OUs and/or groups
The ability to remotely install on computers based on name or AD group membership
The ability to use Teramind only on a specific group
The ability to exclude a group from being monitored
The ability to log into the dashboard via domain authentication
Teramind integrates with Active Directory (AD), treating Organizational Units (OUs) as Departments. You can configure specific AD Groups and OUs to control user and computer monitoring, including enabling or disabling it. Selecting all groups and OUs will monitor all users and PCs in AD.
Additionally, Teramind can import both standard and custom AD attributes. To import attributes, you'll need to configure "Fetch objects" (more details below). These imported LDAP groups and attributes can then be used to filter dashboards and reports.
1. Click the New integration for button to create a new AD integration.
2. You can click the Three Dots to access a token’s Context Menu:
Edit AD Integration: to edit an integration. Editing an integration is similar to creating a new integration. Note: you can also use the Edit
icon (under the Actions column) to edit the integration.View Log: to view the sync log. Note: you can also use the Log
icon (under the Actions column) to view the log. The log is shown on the right panel like this:
Archive AD Integration: to archive (delete) an integration.
Creating a New AD Integration
When you click the New integration for button from the main Active Directory settings page, a pop-up will open:
Enter a domain name and press the Save button. You will be taken to the Active Directory setup screen:
You can duplicate the settings to create another AD integration.
LDAP Settings
1. You can click the Three Dots at the top-right corner to access Context Menu. You can Duplicate the domain integration or Delete the integration from this menu.
LDAP Settings:
2. Configure the LDAP settings. Here's an explanation of each setting:
LDAP server | Hostname or IP address of your domain controller, e.g. |
LDAP Port | In most cases, the default port 389 should work. |
Domain name | Your Active Directory domain name, e.g., |
Login | Enter an account, e.g., |
Update password | Click this button to update the password for the above-mentioned account. |
Encryption Method | You can use tls, ldaps, or none. Note that you might need to change the LDAP Port if you change the encryption method.
If you choose the tls or the ldaps option, another option, LDAP certification validation type, will be displayed. See below: |
| This will allow you to choose how you want to validate the LDAP certificate and, if you want to upload your self-signed certificate: · Accept valid - only valid certificates are accepted · Accept any - accept valid/invalid certificates · Accept specified or valid - accept valid or self-signed certificates |
| If you choose the Accept specified or valid option from the LDAP certification validation type menu, the Upload LDAP trusted certificate will be displayed. By clicking the Select file button, you will be able to upload your own CA certificate. |
Use domain name remapping | If enabled, allows remapping of a domain name in accordance with the rules, e.g., |
Replicate computer's state | If turned on, it will replicate the AD computer state with Teramind. AD-enabled computers will be imported as auto-monitored. AD-disabled computers will be imported as non-monitored.
If turned off, it will ignore the AD computer state (old behavior, default) |
Limit fetching | If enabled, Teramind will show additional options where you can specify OUs and groups. See below: |
| If enabled, will fetch child OUs and groups only (respect hierarchy) |
| Limit fetching by entered OUs (comma-separated names). If left empty, Teramind will fetch all OUs. |
| Limit fetching by entered groups (comma-separated names). If left empty, Teramind will fetch all groups. |
3. Click the Next: Fetch Attributes button to start fetching the attributes.
Additional Settings:
4. As soon as fetching is done, you will be able to specify additional options for attributes according to the table below. Note: If something went wrong during the fetch process, error messages will be displayed in the Log section near the bottom of the screen.
Please note that msDS-ManagedPassword attribute is not readable from AD, and attempting to import it will throw an error message during the import process, “Error: Trying to pass ‘msDS-ManagedPassword’ attribute over insecure connection. Please change connection settings or uncheck the attribute”. As a workaround, uncheck the msDS-ManagedPassword attribute in the IMPORT ATTRIBUTES field and repeat the import process.
Update interval days | Enter how often (in days) to perform Active Directory syncs. |
Import attributes | Attributes can be synced to allow more detailed reporting and user grouping. Select the attributes you want to sync into Teramind. Default is |
Import users and computer from OUs | Import users and computers from the selected organizational units into Teramind. Default is |
Group to OU attribute | Groups with this attribute set to |
Monitor only users in these groups | Enable monitoring for users in these groups and disable monitoring for users not in these groups. |
Do not monitor unavailable users | If enabled, Teramind will automatically disable monitoring of all users that are not in the AD or out of the synced OU.
Note that disabling users in the AD will not stop their monitoring. In order to disable monitoring of AD-synced users, you will have to either delete them in the AD or move them outside of any synced OUs. |
5. Click the Next: Start Import button to initiate the import process. You might have to wait for a couple of minutes, depending on the AD object count and hierarchy. Once the import is done, refresh the page to view the changes. Note: If something went wrong during the import process, error messages will be displayed in the Log section near the bottom of the screen.
Log:
6. The Log section shows the task progress and any errors the system might encounter. You can download the log by clicking the Download log button.
After you have set up Active Directory, visit the Security tab to enable domain authentication for the Teramind Dashboard.
*How to avoid duplicate users when the Active Directory domain changes?
If the user is the same and the domain changes, then you can use the TMDOMAINOVERRIDE Agent Installation/Configuration Parameter to keep the old domain. This won't fix the duplicate users already present on the Dashboard, but it will help you avoid new duplicate users. Note that Teramind doesn't allow two users with the same user@domain.
OCR
The OCR tab allows you to view OCR status and set up notifications for OCR mining delay.
OCR (Optical Character Recognition) status:
1. The Latest mined piece of data is for shows the date and time when the OCR engine last processed a screen image, and the Session mining delay shows the time it took for the OCR engine to analyze the last screenshot and detect text inside that image.
Email notification options:
This section is available on On-Premises/Private Cloud deployments only.
2. The Set mining delay threshold option lets you toggle notification for the email alert. If you enable it, a Threshold field will be shown. Enter a value (in minutes). If the Session mining delay crosses this threshold, Teramind will send an email notification. The email looks like this:
3. You can temporarily disable the notification by enabling the Disable email notifications option. Select a date until which the notification will be disabled.
Email notifications recipients:
This section is available on On-Premises/Private Cloud deployments only.
4. Select internal users who will receive the email notifications.
Agents
The Agents tab allows you to configure the default settings for the Teramind Agent, including how new users are created, default task assignment, screen records management, and the auto-update feature.
Default task:
1. You can assign a Default task for employees at the start of their workday (this applies when using the Stealth Agent). For this change to take effect, the user's computer will need to be restarted. Keep in mind that you can also change or override an employee's default task from their profile under the Account tab.
Default settings:
2. Enabling the Create new user on first agent connection option will automatically create a new user account the first time the agent connects to the server, if that user doesn't already exist. This is particularly useful for environments with numerous unmonitored accounts, such as service accounts, preventing them from cluttering the system.
3. With the Enable monitoring for new agents option enabled (and if your license permits), new Agent installations will have monitoring activated by default. If disabled, new Agents will remain unmonitored until you manually activate them via the Teramind Dashboard (you can enable/disable employee monitoring from the Employee Actions Menu).
4. If the Enable monitoring for new computers option is enabled (and your license permits), new computer installations will be monitored automatically. If disabled, new computers will not be monitored until you manually activate them through the dashboard (you can enable/disable computer monitoring from the Computer Actions Menu).
5. Enable the Enable web login for new agents option to allow your users to log in to the Teramind Dashboard. Note that you can also manage this setting for individual employees using the User can login to Teramind Dashboard option in their profile's Account tab.
Screen records management:
6. The Default action for screen records option allows you to pre-select an action in the screen record deletion confirmation window. When you attempt to delete time and screen records from areas like the Live View > Snapshots dashboard or an Employee's Details screen, a confirmation window appears. This window presents you with several options for how you want to remove the records:
Keep screen records | This option will remove the time/task record but retain the associated screen recording. |
Restrict access for screen records | This option will remove the time and task record and limit access to the screen recording to users with the Restricted historic screen stream access permission. Users without this permission will be unable to view the recording. |
Remove screen records | This option will delete the screen recording entirely. |
Agent automatic updates:
This section is available on On-Premises/Private Cloud deployments only.
7. If the Enable automatic updates option is turned on, deployed Agents will automatically update whenever a new version is released.
Security
The Security tab allows you to view and modify security settings related to hostname, session cookies, Agent protection, and data export restrictions.
Hostname:
This section is available on On-Premises/Private Cloud deployments only.
1. Enter a Hostname such as acme.teramind.co.
It’s best practice to give your Teramind server a DNS entry. This way, you can click on links in the email alerts, use your own SSL certificates, and enjoy other benefits as well.
If you are using SSO and have configured it before changing the hostname, it might not work properly. E.g., users might still get redirected to the old host/IP address. To fix that, log in from your new host address, and the SSO settings will be automatically updated on the Configurations > Security > Authentication screen. Click the Save changes button on that screen to save the new SSO settings. For more information, check out this troubleshooting article.
Sessions:
The Session tab allows you to control how your dashboard sessions should be handled by the browser.
2. The Storage Type section lets you select whether it will be a Persistent cookie or a Session cookie. A persistent cookie is kept for the duration/lifetime of the Cookie expiration (cookie lifetime, see below) value. A session cookie gets flushed when you close your browser (different per browser settings) or until Cookie expiration expires.
3. The Cookie SameSite section lets you select the cookie attribute whether the cookie is restricted to a first-party or same-site context. Lax cookies are not sent on normal cross-site sub-requests (for example, to load images or frames into a third-party site) but are sent when a user is navigating to the origin site (i.e., when following a link). Strict cookies will only be sent in a first-party context and not be sent along with requests initiated by third-party websites. Opening a dashboard by clicking on a link from anywhere outside of the dashboard will require re-authentication. Selecting None will send the cookie with both cross-site and same-site requests.
4. The Cookie expiration field lets you define how long an authorization cookie will be valid (in minutes). An authorization cookie is a temporary secret used to authenticate the browser. It will be automatically updated in the background while the user is active. The update process takes a few seconds before it is going to expire. If the user closes the browser before the secret is updated, the session will be closed, and the user will need to authorize again. The default value is 120 minutes.
5. The Idle timeout field lets you define how long a session will remain active when the user is idle (in minutes). If the user is not active for the number of minutes defined, a pop-up window will ask the user if they want to resume the session. If there is no response, the session will be closed automatically, even if the Cookie expiration is still valid.
Stealth agent protection:
6. You can optionally install the Teramind Stealth Agent (Windows only) in protected mode to make it more difficult for unauthorized users and administrators to remove it. This section allows you to set a password for protecting the Agent installation.
Enter a password to protect the Agent installation. Later, when you uninstall the Agent, you will have to specify this password with the Agent Removal tool.
You can also protect an Agent by using the
Make sure to set the password before installing the Agent. If you set the password afterwards, there might be problems with managing the Agent and uninstalling it. |
Data export:
7. By default, Teramind allows you to export reports and video recordings to any email address. But you can enable the Specify a domain to allow Teramind data export option to restrict the export to a certain domain.
In the Domain to allow exports field, enter the last part of an email address (the domain address including the ‘@’ symbol) to restrict export emails to that domain only. For example, @teramind.co. Note that this field checks for the end of an email address, not a strict match. Additionally, you can specify something like .teramind.co. In that case, any sub-domain of teramind.co will be included in the check. For example, [email protected] and [email protected]o – both will be allowed as valid email addresses.
You can only specify a single domain. Multiple domain restrictions aren’t supported at the moment.
Note that this option does not affect scheduled reports. You can still send scheduled reports to email recipients who are not on the Teramind Dashboard (i.e., they are not on the Employees list). To prevent access to such exported use the Only authorized users can download exported files option (see below).
8. The Maximum email body length field allows you to set the maximum character size for the 'Body' column of an exported email report (e.g., the Emails dashboard). For example, here's a CSV report from the Emails dashboard with the Maximum Email Body option set to 2000:
And, here's the same CSV report, but this time the Maximum Email Body is set to 50:
Note how the text in the "Body" column is stripped to 50 characters and a "…" is added at the end of the text.
This feature is useful when you have many emails with large body text. Limiting the body text will make the report process faster and reduce the file size.
The default value for this field is 2000.
9. The Only authorized users can download files option allows you to limit access to scheduled reports to valid Teramind users (users added on the Employees list). If you send a report to an email recipient who is not on the Teramind employees list, the email recipient will still get the automated email, but the report download link in the email will not work.
This is useful for the privacy and security of your data. For example, if a recipient of the automated report accidentally or intentionally forwards the email to someone else, the other person will not be able to access this report unless they are authorized.
This option applies to scheduled export reports only. It does not apply to the reports available on the Video Exports and Dashboard Exports screens. It also does not affect the Session Player’s Video Download/Export feature.
10. The Allow department managers to see and execute report option allows you to show/hide the export option on the Dashboard Actions Menu. If disabled, this option effectively disables the export of any reports by the department managers.
Send diagnostic data:
This section is available on On-Premises/Private Cloud deployments only.
11. Enabling the Agree to send diagnostic data to help us improve Teramind option allows Teramind to collect non-personal usage information, such as error logs and performance data, to improve app reliability and enhance your experience. Data is sent directly from Teramind Agents to our servers. The option is disabled by default.
Locale
The Locale tab allows you to configure localization settings such as currency, time, and language.
Time and Language:
1. You can change the default Language used by the system. Teramind supports English, Spanish, Chinese, Portuguese, Russian, and Turkish. Note that you can change the language for an employee/user from their profile’s Account tab.
2. You can select a time zone from the Timezone list.
3. Use the NTP Server to specify a time server. Teramind will automatically sync the clock with the server. You can select a generic server like clock.isc.org if your deployment has internet connectivity. For the best result, make sure all your monitored endpoints and the Teramind server are on the same NTP server. Otherwise, you may see discrepancies between the time an activity happened vs. the time it is recorded in Teramind. An accurate NTP time source is also important if 2FA is enabled because any difference in time between the Teramind server's time and the 2FA authenticator's device time will reduce the 30-second window that a 2FA code is valid for.
The NTP Server option is available on On-Premises/Private Cloud deployments only.
4. You can change the Time Format to 12-hour or 24-hour format.
5. You can change the Week Start Day to Sunday or Monday.
Currency
6. You can change the default Currency.
Server
This option is available on On-Premises/Private Cloud deployments only.
Teramind can be deployed as a cluster of servers to handle a large number of users. If you can see this setting on your dashboard, then it means you are on a Master node. Additional nodes (such as the OCR database and screen mining nodes) may connect and want to join this cluster. Here you can configure which nodes you want to accept into the cluster, and what their function should be.
Security settings:
1. You can enable/disable multi-node deployments with the Enable multi-node deployment option. It is necessary to keep it turned on if you have more than one Teramind server.
2. You can toggle SSH access with the Enable SSH access option. SSH is needed for remote login and configuration of Teramind servers, especially during the deployment phase.
3. If enabled, the Allow new nodes option will allow connection of new nodes to the system. For security reasons, we recommend you turn it off after you have configured all your nodes.
Server ports:
4. Managers and administrators will be able to access the Teramind Dashboard on the Management interface port. Make sure the port is available before using it. If you change this port, you will need to specify it on the Teramind Agent download links. For example:
msiexec /i https://acme.teramind.co:480/d/teramind_agent_v8.0.msi
Note that some ports are reserved and cannot be used. See the notes below for more information.
5. If you change the value in the Load balancer port, Teramind Agent will query that port instead of the default 443 port when looking for a Teramind server to connect to. If you change it to something other than 443, you will need to use the TMROUTER parameter when installing the Teramind Agent. For example:
msiexec /i teramind_agent_x64_s.msi TMROUTER=101.12.1.2:1580
Note that some ports are reserved and cannot be used. See the notes below for more information.
Reserved Ports:
The following ports are reserved and cannot be used for the Management Interface or Load Balancing: 22, 111, 5432, 4730, 8000, 8001, 8002, 9000, 6379, 10000, 10001. |
Nodes:
6. If you have set up other nodes, you will see them under the Nodes section:
Click the Remove button to cancel approval (un-approve) for a previously approved node.
Click the Forget button to completely delete a node. For example, if you deleted a virtual machine/server used by an OCR node, you can delete the node from here.
Click the Approve button to approve any pending node connection requests.