This page details all LM-X license server configuration settings, their valid values, and required syntax.
The configuration file includes settings for:
- License server
- High Availability Licensing (HAL)
- Logging Configuration
- Denial Store and User Removal
- API Password
- Pay-Per-Use Database
- Fast Queuing
- Web Server
- Groups
- License Checkout Access Rules
- License Borrow Access Rules
- License File
| Info |
|---|
Note the following:
|
| Anchor | ||||
|---|---|---|---|---|
|
The license_server settings configure the TCP port and bind addresses for the license server. The license_server settings are detailed below.
tcp_listen_port
- Description: Specifies the TCP port number on which the license server listens for data traffic.
- Type: Integer
- Default:
6200 - Reference: IANA Port Numbers
tcp_bind_address (Optional)
- Description: Restricts client connections to specific networks. When defined, the server accepts connections only from clients whose IP addresses match the provided values.
- Example syntax:
tcp_bind_address: ipv4: 192.168.21.123 ipv6: 8000:8000:8000:8000:abcd:1234:12df:fd54 - Note: If not specified, connections from all networks are accepted.
| Anchor | ||||
|---|---|---|---|---|
|
The hal settings are used to configure redundant servers for High Availability Licensing (HAL). HAL ensures high availability for critical software by requiring at least two out of three configured servers to be operational. The HAL settings are described below.
master:
- Role: Primary server; supports both CHECKOUT and BORROW requests. This should be the most powerful server.
slave1:
- Role: Secondary server; allows CHECKOUT but denies BORROW when the master is unavailable. This should be the second most powerful server.
slave2:
- Role: Fallback server; does not allow CHECKOUT or BORROW. This should be the least powerful server.
Example syntax:
hal:
master:
host: "server1"
port: 6200
slave1:
host: "server2"
port: 6200
slave2:
host: "server3"
port: 6200
Important: The HAL server list must be identical across all servers for proper operation. For more details, refer to the LM-X End Users Guide on High Availability Licensing.
| Anchor | ||||
|---|---|---|---|---|
|
The log settings define the logging behavior of the license server. The log settings are described below.
path:
- Description: Full path to the log file.
- Syntax: A string representing the file path.
- Example:
"/home/user1/lmx-serv.log"
format:
- Description: Determines the level of detail in the log file.
- Valid values:
normal(default)extended(includes additional debugging information such as HostIDs and VM status)
exclude (Optional):
- Description: Specifies which log messages to exclude.
- Valid Message Types:
checkout,checkin,status,borrow,borrow_return,remove_user,remote_restart,remote_shutdown,heartbeat,blacklist,reservation,reservation_checkout,reservation_normal_return,reservation_early_return,automatic_discovery
rotate_interval:
- Description: Sets the interval for log file rotation (midnight rotation).
- Valid values:
day,week,month,never(default isnever)
Example synta:
log:
path: "/home/user1/lmx-serv.log"
format: normal
exclude:
- checkout
- checkin
- status
rotate_interval: month| Anchor | ||||
|---|---|---|---|---|
|
The denial storage and user removal settings are described below.
denial_store_period
- Description: The duration (in seconds) for which the server retains denial information.
- Valid Range: Between one minute and one year.
- Default:
86400(one day)
min_user_remove_time
- Description: The minimum time (in seconds) that must elapse before a user can be removed using the
lmxendutilutility. - Valid values:
- A positive integer (default is
120seconds) -1: Disables user removal
- A positive integer (default is
- Example synta:
min_user_remove_time: 120
| Anchor | ||||
|---|---|---|---|---|
|
The api_password setting is used to set the API password used for remotely stopping/restarting the license server and for removing users. The api_password setting is detailed below.
- Example synta:
api_password: '$argon2id$v=19$m=65536,t=3,p=4$PVbKB+ekhE0ZBJ/2z1ggwQ==$+PjvNqhTnRlCxtApKJqq6kFYfPlR5QFVaXN5jEaT5t4=' - Note: This setting is sensitive; ensure proper security measures are in place.
| Anchor | ||||
|---|---|---|---|---|
|
The pay_per_use settings configure the database used for billing and usage tracking. The pay_per_use settings are detailed below.
path:
- Description: Path to the pay-per-use usage database.
- Syntax: String indicating the database file location.
- Example:
"/var/ppu.db"
format:
- Description: Determines the level of detail recorded.
- Valid values:
normal(basic usage information)extended(includes additional user information)
write_interval:
- Description: Number of actions after which the database commits are made.
- Default:
1000
anonymization:
- Description: Enables the anonymization of usernames by hashing them.
- Valid values:
trueorfalse(default isfalse)
Example synta:
pay_per_use:
path: "/var/ppu.db"
format: normal
write_interval: 1000
anonymization: true| Anchor | ||||
|---|---|---|---|---|
|
The fast_queue settings allow bypassing the normal queuing process if the license request can be satisfied immediately; for example, if a client requires fewer licenses than those immediately available. The fast_queue settings are detailed below
- Valid values:
- A list of feature identifiers.
- Example synta:
fast_queue: - "f1" - "f2" - "f3"
| Anchor | ||||
|---|---|---|---|---|
|
The web_server settings enable and configure the web interface used for remote management of the license server.
tcp_listen_port:
- Description: TCP port for the web interface.
- Example:
6199
tcp_bind_address (Optional):
- Description: Restricts access to specific IP addresses (IPv4/IPv6).
cert_chain_path and private_key_path (Optional):
- Description: File paths for the SSL/TLS certificate chain and private key. Used to secure the web interface.
users:
- Description: A mapping of user credentials required for accessing the web UI.
- Mandatory Admin User:
- An
adminuser must exist for the UI to function. - Behavior: If the admin user is missing from the configuration, it will be automatically recreated with the default password "MyPassword123". This password can be changed via the web UI.
- An
- Example synta:
web_server: tcp_listen_port: 6199 users: admin: password: $argon2id$v=19$m=65536,t=3,p=4$PVbKB+ekhE0ZBJ/2z1ggwQ==$+PjvNqhTnRlCxtApKJqq6kFYfPlR5QFVaXN5jEaT5t4= role: admin
| Anchor | ||||
|---|---|---|---|---|
|
The groups settings allow the creation of groups for users, hosts, or IP addresses to reduce redundancy in configuration files.
- Usage:
Define groups that can later be referenced in access rules. - Example synta:
groups: admins: - "admin1" - "admin2" users: - "user1" limited_users: - "userA" ip_address_blacklist: - "1.2.3.4" - "1.2.*.*" banned_users: - "baduser1" - "baduser2"
| Anchor | ||||
|---|---|---|---|---|
|
The checkout settings control which clients are allowed or denied the ability to CHECKOUT licenses, as well as setting license limits and reservations.
access:
- Description:
A list of rules evaluated in order. If no rule matches, the client is allowed by default. - Rule Properties:
feature: Specify the license feature (use"*"for all features).allowordeny: Define lists ofusers,hosts, orip_addresses.
limit:
- Description:
Restricts the number of licenses that can be in use for a given feature. - Properties:
count: Maximum licenses allowed.- Target groups or individual clients (
users,hosts, orip_addresses).
reserve:
- Description:
Reserves a specific number of licenses for certain users or groups.
Example synta:
checkout:
access:
- feature: "f1"
allow:
users:
- "bob"
- "alice"
- feature: "f2"
allow:
hosts:
- "localhost"
users:
- "bob"
- "alice"
ip_addresses:
- "1.1.*.*"
- feature: "*"
deny:
users:
- "bob"
- "alice"
limit:
- feature: "f1"
count: 6
users:
- "limited_users"
- feature: "f3"
count: 3
hosts:
- "host666"
- feature: "*"
count: 1
ip_addresses:
- "123.123.123.123"
reserve:
- feature: "f1"
count: 5
users:
- "bob"
- "alice"
- feature: "f16"
count: 10
hosts:
- "localhost"| Anchor | ||||
|---|---|---|---|---|
|
The borrow settings control which clients are allowed to borrow licenses and impose limits on the number of licenses that can be borrowed or the duration of the borrow.
access:
- Description:
Explicitly allow or deny borrow requests. - Rule Properties: Similar to checkout, with rules for
featureand client matching.
limit:
- Description:
Restricts the number of borrowed licenses and/or the allowed duration. - Properties:
count: Maximum number of licenses.hours: Maximum borrow time in hours.ignore: Specify exceptions (e.g., certain users or hosts).
Example synta:
borrow:
access:
- feature: "f1"
allow:
users:
- "bob"
- "alice"
- feature: "f2"
allow:
hosts:
- "localhost"
ip_addresses:
- "1.1.*.*"
- feature: "*"
allow:
users:
- "test"
- feature: "f3"
deny:
users:
- "bob"
- "alice"
limit:
- feature: "f5"
hours: 3
- feature: "f1"
count: 6
ignore:
users:
- "bob"
- feature: "f3"
hours: 3
ignore:
hosts:
- "host666"
- feature: "*"
count: 1
ignore:
ip_addresses:
- "123.123.123.123"| Anchor | ||||
|---|---|---|---|---|
|
The licenses settings define where the license server searches for license files and optionally let you embed license data within the configuration.
path:
- Description:
A list of directories or explicit file paths to search for license files. - Platform Defaults:
- Windows: Searches for
<vendor>.licin the same directory as the license server if unspecified. - Unix: Searches for
/usr/x-formation/<vendor>.licif unspecified.
- Windows: Searches for
embedded:
- Description:
Embeds license details directly into the configuration file. - Syntax:
A block scalar (using|) containing the license information.
Example synta:
licenses:
path:
- "/home/user/licenses/"
- "/tmp/lmx.lic"
embedded:
- |
FEATURE F1
{
VENDOR=TEST-VENDOR COUNT=1 VERSION=5.0 END=2030-01-01 MAINTENANCE_END=2030-01-01 SHARE=VIRTUAL
PLATFORMS="Linux_x86 Linux_x64 Linux_arm64 Linux_arm32" "_x64" OPTIONS="TEST-VENDOR TYPE=NETWORKED"
KEY=AbCdEfGhIjKlMnOpQrStUvWxYz0123456789...
}