The information on this page refers to LM-X version 6.0 and newer, which implemented YAML configuration. As of LM-X v6.0, legacy configuration files from LM-X versions prior to v6.0 will no longer work (see the note below on migrating your old configuration file to the new YAML format). If you are using a version of LM-X older than LM-X v6.0, please see documentation for older versions. |
By default, a new YAML configuration file will be created automatically after installing and running v6.0 or newer.
As of v6.0, legacy configuration files from LM-X versions prior to v6.0 will no longer work. If you use an existing configuration file from an older version when you start up the license server in v6.0 or newer, the configuration file will be migrated to the new YAML format.
The old configuration file does not include settings for the web server used to run the new LM-X License Server UI. To enable the web server and access the LM-X License Server UI, you must manually add the following lines to the newly migrated configuration file:
web_server:
tcp_listen_port: 6199
After adding these lines to the configuration file and restarting the LM-X server, you can access the LM-X License Server UI at https://URL:6199.
This page details all LM-X license server configuration settings, their valid values, and required YAML syntax.
The configuration file includes settings for:
- License server
- High Availability Licensing (HAL)
- Logging Configuration
- Denial Store and User Removal
- API Password
- Pay-Per-Use Database
- Fast Queuing
- Web Server
- Groups
- License Checkout Access Rules
- License Borrow Access Rules
- License File
Note the following:
Configuration Changes: All settings can be modified either directly in the configuration file or by using the LM-X License Server UI. However, any changes will only be applied after a restart of the license server.
Admin User Management: The web server configuration must include an
admin
user. If theadmin
user is missing in the configuration, it will be automatically recreated using the default passwordadmin
. This default password can be changed later using the LM-X License Server UI.YAML Syntax: As of LM-X License Manager v6.0, the LM-X license server configuration is defined using YAML. Ensure you use proper YAML formatting, including indentation and case sensitivity for keys. Incorrect syntax may lead to configuration errors or server misbehavior. To avoid errors, using the LM-X License Server UI is recommended.
License server settings
The license_server
settings configure the TCP port and bind addresses for the license server. The license_server
settings are detailed below.
tcp_listen_port
- Description: Specifies the TCP port number on which the license server listens for data traffic.
- Type: Integer
- Default:
6200
- Reference: IANA Port Numbers
tcp_bind_address
(Optional)
- Description: Restricts client connections to specific networks. When defined, the server accepts connections only from clients whose IP addresses match the provided values.
- Example syntax:
tcp_bind_address: ipv4: '192.168.21.123' ipv6: '8000:8000:8000:8000:abcd:1234:12df:fd54'
- Note: If not specified, connections from all networks are accepted.
High Availability Licensing (HAL) settings
The hal
settings are used to configure redundant servers for High Availability Licensing (HAL). HAL ensures high availability for critical software by requiring at least two out of three configured servers to be operational. The HAL settings are described below.
master
:
- Role: Primary server; supports both CHECKOUT and BORROW requests. This should be the most powerful server.
slave1
:
- Role: Secondary server; allows CHECKOUT but denies BORROW when the master is unavailable. This should be the second most powerful server.
slave2
:
- Role: Fallback server; does not allow CHECKOUT or BORROW. This should be the least powerful server.
Example syntax:
hal:
master:
host: 'server1'
port: 6200
slave1:
host: 'server2'
port: 6200
slave2:
host: 'server3'
port: 6200
Important: The HAL server list must be identical across all servers for proper operation. For more details, refer to the LM-X End Users Guide on High Availability Licensing.
Logging configuration settings
The log
settings define the logging behavior of the license server. The log settings are described below.
path
:
- Description: Full path to the log file.
- Syntax: A string representing the file path.
- Example: '
/home/user/lmx-serv.log'
format
:
- Description: Determines the level of detail in the log file.
- Valid values:
normal
(default)extended
(includes additional debugging information such as HostIDs and VM status)
exclude
(Optional):
- Description: Specifies which log messages to exclude.
- Valid Message Types:
checkout
,checkin
,status
,borrow
,borrow_return
,remove_user
,remote_restart
,remote_shutdown
,heartbeat
,blacklist
,reservation
,reservation_checkout
,reservation_normal_return
,reservation_early_return
,automatic_discovery
rotate_interval
:
- Description: Sets the interval for log file rotation (midnight rotation).
- Valid values:
day
,week
,month
,never
(default isnever
)
Example syntax:
log:
path: '/home/user/lmx-serv.log'
format: normal
exclude:
- checkout
- checkin
- status
rotate_interval: month
Denial storage and user removal settings
The denial storage and user removal settings are described below.
denial_store_period
- Description: The duration (in seconds) for which the server retains denial information.
- Valid Range: Between one minute and one year.
- Default:
86400
(one day)
min_user_remove_time
- Description: The minimum time (in seconds) that must elapse before a user can be removed using the
lmxendutil
utility. - Valid values:
- A positive integer (default is
120
seconds) -1
: Disables user removal
- A positive integer (default is
- Example syntax:
min_user_remove_time: 120
API password setting
The api_password
setting is used to set the API password used for remotely stopping/restarting the license server and for removing users. The api_password
setting is detailed below.
- Example syntax:
api_password: '$argon2id$v=19$m=65536,t=3,p=4$PVbKB+ekhE0ZBJ/2z1ggwQ==$+PjvNqhTnRlCxtApKJqq6kFYfPlR5QFVaXN5jEaT5t4='
- Note: This setting is sensitive; ensure proper security measures are in place.
Pay-Per-Use database settings
The pay_per_use
settings configure the database used for billing and usage tracking. The pay_per_use
settings are detailed below.
path
:
- Description: Path to the pay-per-use usage database.
- Syntax: String indicating the database file location.
- Example: '
/var/ppu.db'
format
:
- Description: Determines the level of detail recorded.
- Valid values:
normal
(basic usage information)extended
(includes additional user information)
write_interval
:
- Description: Number of actions after which the database commits are made.
- Default:
1000
anonymization
:
- Description: Enables the anonymization of usernames by hashing them.
- Valid values:
true
orfalse
(default isfalse
)
Example syntax:
pay_per_use:
path: '/var/ppu.db'
format: normal
write_interval: 1000
anonymization: true
Fast Queue settings
The fast_queue
settings allow bypassing the normal queuing process if the license request can be satisfied immediately; for example, if a client requires fewer licenses than those immediately available. The fast_queue
settings are detailed below
- Valid values:
- A list of feature identifiers.
- Example syntax:
fast_queue: - f1 - f2 - f3
Web Server Configuration settings
The web_server
settings enable and configure the web interface used for remote management of the license server.
tcp_listen_port
:
- Description: TCP port for the web interface.
- Example:
6199
tcp_bind_address
(Optional):
- Description: Restricts access to specific IP addresses (IPv4/IPv6).
cert_chain_path
and private_key_path
(Optional):
- Description: File paths for the SSL/TLS certificate chain and private key. Used to secure the web interface.
users
:
- Description: A mapping of user credentials required for accessing the UI.
- Mandatory Admin User:
- An
admin
user must exist for the UI to function. - Behavior: If the admin user is missing from the configuration, it will be automatically recreated with the default password "admin". This password can be changed via the LM-X License Server UI.
- An
- Example syntax:
web_server: tcp_listen_port: 6199 users: admin: password: '$argon2id$v=19$m=65536,t=3,p=4$PVbKB+ekhE0ZBJ/2z1ggwQ==$+PjvNqhTnRlCxtApKJqq6kFYfPlR5QFVaXN5jEaT5t4=' role: admin
Group settings
The groups
settings allow the creation of groups for users, hosts, or IP addresses to reduce redundancy in configuration files.
- Usage:
Define groups that can later be referenced in access rules. - Example syntax:
groups: admins: - 'admin1' - 'admin2' users: - 'user1' limited_users: - 'userA' ip_address_blacklist: - '1.2.3.4' - '1.2.*.*' banned_users: - 'baduser1' - 'baduser2'
License Checkout Access Rule settings
The checkout
settings control which clients are allowed or denied the ability to CHECKOUT licenses, as well as setting license limits and reservations.
access
:
- Description:
A list of rules evaluated in order. If no rule matches, the client is allowed by default. - Rule Properties:
feature
: Specify the license feature (use'*'
for all features).allow
ordeny
: Define lists ofusers
,hosts
, orip_addresses
.
limit
:
- Description:
Restricts the number of licenses that can be in use for a given feature. - Properties:
count
: Maximum licenses allowed.- Target groups or individual clients (
users
,hosts
, orip_addresses
).
reserve
:
- Description:
Reserves a specific number of licenses for certain users or groups.
Example syntax:
checkout:
access:
- feature: 'f1'
allow:
users:
- 'bob'
- 'alice'
- feature: 'f2'
allow:
hosts:
- 'localhost'
users:
- 'bob'
- 'alice'
ip_addresses:
- '1.1.*.*'
- feature: '*'
deny:
users:
- 'bob'
- 'alice'
limit:
- feature: 'f1'
count: 6
users:
- 'limited_users'
- feature: 'f3'
count: 3
hosts:
- 'host666'
- feature: '*'
count: 1
ip_addresses:
- '123.123.123.123'
reserve:
- feature: 'f1'
count: 5
users:
- 'bob'
- 'alice'
- feature: 'f16'
count: 10
hosts:
- 'localhost'
License Borrow Access Rule settings
The borrow
settings control which clients are allowed to borrow licenses and impose limits on the number of licenses that can be borrowed or the duration of the borrow.
access
:
- Description:
Explicitly allow or deny borrow requests. - Rule Properties: Similar to checkout, with rules for
feature
and client matching.
limit
:
- Description:
Restricts the number of borrowed licenses and/or the allowed duration. - Properties:
count
: Maximum number of licenses.hours
: Maximum borrow time in hours.ignore
: Specify exceptions (e.g., certain users or hosts).
Example syntax:
borrow:
access:
- feature: 'f1'
allow:
users:
- 'bob'
- 'alice'
- feature: 'f2'
allow:
hosts:
- 'localhost'
ip_addresses:
- '1.1.*.*'
- feature: '*'
allow:
users:
- 'test'
- feature: 'f3'
deny:
users:
- 'bob'
- 'alice'
limit:
- feature: 'f5'
hours: 3
- feature: 'f1'
count: 6
ignore:
users:
- 'bob'
- feature: 'f3'
hours: 3
ignore:
hosts:
- 'host666'
- feature: '*'
count: 1
ignore:
ip_addresses:
- '123.123.123.123'
License file settings
The licenses
settings define where the license server searches for license files and optionally let you embed license data within the configuration.
path
:
- Description:
A list of directories or explicit file paths to search for license files. - Platform Defaults:
- Windows: Searches for
<vendor>.lic
in the same directory as the license server if unspecified. - Unix: Searches for
/usr/x-formation/<vendor>.lic
if unspecified.
- Windows: Searches for
embedded
:
- Description:
Embeds license details directly into the configuration file. - Syntax:
A block scalar (using|
) containing the license information.
Example syntax:
licenses:
path:
- '/home/user/licenses/'
- '/tmp/lmx.lic'
embedded:
- |
FEATURE F1
{
VENDOR=TEST-VENDOR COUNT=1 VERSION=5.0 END=2030-01-01 MAINTENANCE_END=2030-01-01 SHARE=VIRTUAL
PLATFORMS="Linux_x86 Linux_x64 Linux_arm64 Linux_arm32" "_x64" OPTIONS="TEST-VENDOR TYPE=NETWORKED"
KEY=AbCdEfGhIjKlMnOpQrStUvWxYz0123456789...
}