Administration Console

The Sentinel EMS Administration Console is a graphical, web-based tool that you can use to configure and manage various properties of the Sentinel EMS Server. The Administration account used to access the Sentinel EMS Administration Console is different from the Sentinel EMS admin account, even though both accounts have the same user name. When you change the password for one of these accounts, the password for the other account is not affected.

To open the Administration Console:

1.Do one of the following:

Navigate to the following URL: http://<host name>:<port>/emsConfig

where <host name> and <port> stand for the Host name and port of the Sentinel EMS Server.

In the Sentinel EMS portal, click Administration > Administration Console.

(In the Sentinel EMS Server machine) From the Start menu, select Programs > Gemalto Sentinel > Sentinel EMS > EMS Administration Console.

2.In the login screen, enter the user name admin and password admin. This password may be different if you have previously changed it.

3.Click Login.

Administrator Console Settings

You can modify the Administrator Console settings, as needed. Changes take effect immediately after saving.

This section includes:

>EMS Database Details (Read-Only)

>Outgoing E-mail Server Settings

>Entitlement Certificate E-mail Settings

>License Certificate E-mail Settings

>Contact Certificate E-mail Settings

>Technical Support Contacts

>License Configuration

>SSL and HTTP(S) Port Details

>General Configuration

>License Security Settings

>License File Name (V2C) Configuration

>Action Buttons

>Changing Subject Line for Contact, Entitlement, and License Certificates

EMS Database Details (Read-Only)

The settings in this section are read-only. For details on modifying these settings, see Updating Database Connection Details.

Outgoing E-mail Server Settings

These settings specify the outgoing e-mail exchange server (SMTP) and other e-mail properties.

Field Description
SMTP Host IP address of the e-mail exchange server.
SMTP Port

SMTP port.

Default: 25

User Name User name for sending e-mail from an authenticated e-mail server.
Password Password corresponding to the User Name.
Sender Name Sends all e-mails from this sender.
E-mail From

Sends all e-mails from this address.

Start TLS

Enables transport layer security (TLS).

NOTE   TLS encrypts data, such as your user name and password, so that the data is secure and private. With mail delivery, TLS begins with an unsecured connection to the mail servers, and then upgrades to a secure connection once information is sent.

Default: Unchecked

SMTP Auth

Authenticates the user using the provided user name and password.

Default: Checked

E-mail Master Footer

Contains the copyright information appended to the bottom of each mail.

Default string: © Thales Group 2020. All rights reserved.

Notification E-mail From Sends all notifications from this address.
Reports E-mail From Sends all scheduled reports from this address.

Entitlement Certificate E-mail Settings

Field Description
CC Sends carbon copies of the Entitlement certificate e-mails to this address.
BCC Sends blind carbon copies of the Entitlement certificate e-mails to this address.
E-mail From: Sends the Entitlement certificate e-mail from this address.
E-mail Required?

Specifies whether to send an e-mail when the entitlement is produced.

Valid Values:

  • NO—Sentinel EMS does not send an e-mail.
  • REQUIRED—Sentinel EMS tries to send an e-mail. If the e-mail cannot be sent, the operation fails.
  • DESIRED(Default)—Sentinel EMS tries to send an e-mail. If the e-mail cannot be sent, the operation still succeeds.

NOTE   Use a semicolon (;) to separate e-mail addresses in the CC and BCC fields.

License Certificate E-mail Settings

Field Description
CC Sends carbon copies of the license certificate e-mails to this address.
BCC Sends blind carbon copies of the license certificate e-mails to this address.
E-mail From Sends the license certificate e-mail from this address.
E-mail Required?

Specifies whether to send an e-mail when the license is generated.

Valid Values:

  • NO—Sentinel EMS does not send the e-mail.
  • REQUIRED—Sentinel EMS tries to send an e-mail. If the e-mail cannot be sent, an error message displays but the operation still succeeds.
  • DESIRED (Default Value)—Sentinel EMS tries to send an e-mail. If the e-mail cannot be sent, the operation still succeeds.

NOTE   If you want an e-mail to be sent, make sure to configure the SMTP settings, as described in Outgoing E-mail Server Settings.

NOTE   Use a semicolon (;) to separate e-mail addresses in the CC and BCC fields.

Contact Certificate E-mail Settings

Field Description
CC Sends carbon copies of the contact certificate e-mails to this address.
BCC Sends blind carbon copies of the contact certificate e-mails to this address.
E-mail From Sends the contact certificate e-mail from this address.
E-mail Required?

Specifies whether to send an e-mail when an end-user is registered.

Valid Values:

  • NO—Sentinel EMS does not send the e-mail.
  • REQUIRED—Sentinel EMS tries to send an e-mail. If the e-mail cannot be sent, the operation fails.
  • DESIRED(Default Value)—Sentinel EMS tries to send an e-mail. If the e-mail cannot be sent, the operation still succeeds.

NOTE   Use a semicolon (;) to separate e-mail addresses in the CC and BCC fields.

Technical Support Contacts

The following properties appended the end of all e-mails sent by Sentinel EMS.

Field Description
Support Team Name

Support team name.

Phone Support contact number.
E-mail

Support e-mail ID.

License Configuration

Field Description
License File Upload Size

The maximum allowed size of the license (V2C) file.

Default: 2222

Cloud Licensing

Enables or disables support for the cloud licensing model, which provides a simple mechanism for distributing and managing licenses via the Internet or company network for online and offline consumption. For details, see the sections on cloud licensing in the Sentinel LDK Software Protection and Licensing Guide.

>Define Per Product (Future). Default. Leaves all products "as is" without the ability to enable or disable cloud licensing.

>Enable For All Products. Enables cloud licensing support for all products. Requires Sentinel Run-time Environment (RTE) 8.11 or later on the license server machine and the Cloud Licensing module on the Master key.

>Disable For All Products. Prevents cloud licensing support for all products. Requires Sentinel Run-time Environment (RTE) 8.11 or later on the license server machine and the Cloud Licensing module on the Master key.

Generate Readable License

The generated license file contains the license information as readable text.

Default: Unchecked

Fallback to V-Clock

If selected, entitlements for (driverless) Sentinel HL Time or NetTime keys configure the key to switch automatically to V-Clock (virtual clock) if the battery for the real-time clock is depleted. If the real-time clock stops operating, protected applications, including those with time-based licenses, continue to run.

If not selected, entitlements for (driverless) Sentinel HL Time or NetTime driverless keys do not switch to V-Clock if the real-time clock stops operating or the clock battery is depleted. Therefore, protected applications, including those with time-based licenses, will become unresponsive.

Default: Unchecked

NOTE   After the real-time clock stops working, you must disconnect and reconnect the Sentinel HL keys to switch to the V-Clock. This switchover cannot be rolled back. Clearing the Fallback to V-Clock check box after the switchover does not affect the V-Clock, which will continue to run.

SSL and HTTP(S) Port Details

The settings in this section are read-only. For details on modifying these settings, see Configuring SSL and Port.

General Configuration

Field Description
EMS URL(s) for Rebranded RTE

The URL used by the Run-Time Environment (RTE) to communicate with the Sentinel EMS Service on the user's machine.

The URL specified in this field is automatically included in the RTE installer that the user downloads from EMS or that which is included in the bundled RTE installer generated by EMS. The URL is automatically inserted in the EMS URL field on the Admin Control Center for the RTE.

Enter the URL in this field and click Save.

Load Balancers: If you are using load balancing, you can specify multiple URLs (separated by commas). The format for each URL is: "http://_address_:8080" where address is the IP address or machine name of the machine where Sentinel EMS Service is running.

NOTE    Do not use URLs with localized characters, as this may cause unexpected results in applications on operating systems that cannot handle localized characters.

Max Records per Page (Web Services)

Maximum number of entries that can be returned by Web service calls for Products, Entitlements, and Customers.

Default: 200

To return an unlimited number of entries, set this value to 0.

Default File Upload Size

The maximum size in MB for file uploads.

Default: 2222

Dashboard ISV Refresh Frequency

The publisher home page refresh frequency.

Default: 5

Max Concurrent Requests per URL

Maximum number of concurrent requests allowed from a particular IP to a particular URL.

Default: 100

Show Auto-created Feature, Product and Entitlement

This option allows you to also display Features, Products, and Entitlements that are automatically created through the check-in of C2V files or data migration in the Sentinel EMS portal.

Default: Unchecked

Exclude All Optional Features

Specifies if the Exclude All check box is selected by default in the Product Details area when creating or editing an entitlement in the Sentinel EMS portal.

  • To exclude all optional features by default, select this check box.

  • To include all optional features by default, clear this check box.

The Exclude All Optional Features and Display Optional Features as Includable Instead of Excludable check boxes work in tandem to affect the options displayed in the Sentinel EMS portal.

If you select the Display Optional Features as Includable Instead of Excludable check box, the Include All check box is displayed instead of the Exclude All check box in the Product Details area when creating or editing an entitlement in the Sentinel EMS portal.

The functionality of Exclude All Optional Features remains the same regardless of the options displayed in the Sentinel EMS portal.

This means that if you select this check box, and the Exclude All check box is displayed in the Sentinel EMS portal, the Exclude All check box will be selected by default. Conversely, if you select this check box, and the Include All check box is displayed in the Sentinel EMS portal, the Include All check box will not be selected by default.

The following table illustrates the interaction between these options:

Administration Console   Results in Sentinel EMS
Exclude All Optional Features check box   Display Optional Features as Includable Instead of Excludable check box   Optional Features are excluded by default Check box name in Product Details area
+ = No Include All
+ = Yes Include All
+ = No Exclude All
+ = Yes Exclude All

The Exclude All (or Include All) check box is located in the Product Details area of the Create Entitlement or Edit Entitlement screen.

Default: Unchecked

Display Optional Features as Includable Instead of Excludable

When creating an entitlement in the Sentinel EMS portal, replaces the exclude-related display options with include in the Product Details area.

  • Excludable changes to Includable
  • Exclude All changes to Include All
  • Exclude changes to Include.

This is useful if you or others prefer to think in terms of inclusion instead of exclusion.

The Display Optional Features as Includable Instead of Excludable and Exclude All Optional Features check boxes work in tandem to affect the options displayed in the Sentinel EMS portal. For more details, see Exclude All Optional Features.

Default: Unchecked

Default Locale Code

The default locale for the Sentinel EMS portal.

Default: en

Start Feature Identifier

Specifies the number to start the auto-generated Feature ID in the Sentinel EMS portal.

NOTE   For each new Feature, Sentinel EMS generates a unique Feature ID in the Feature ID field. You can also assign your own numeric identifier to the Feature.

For example, if you enter 1001 in this field, the next new Feature will have the Feature ID 1001, by default. Subsequent Features will have incremental values, for example, 1002, 1003, ....

If needed, you can assign a specific numeric identifier to a new Feature by specifying any value (less than or equal to this number). Make sure to verify that the number is available.

Default: 1

Allow adding Products from State

Specifies whether to add an Add Products From State button (in addition to the Add Products button) in the Product Details pane when creating an Entitlement .

You can use this button to add Product details from a C2V file or Key ID to an Entitlement.

Default: Unchecked

Client Polling Frequency (Web Services)

Passes the specified value to the protected applications that call the Fetch Pending Updates (V2C) using the C2V web service. You can write a routine in each application that uses this value to set the polling frequency for calling the web service and checking for updates.

It is recommended that you set the polling frequency in minutes. If the value in this field is set to 0, the polling-frequency header will not be set in the web service.

Default: 30. For more information, see the Sentinel EMS Web Services Guide.

User Session Timeout The amount of time in minutes before the user session
URL for Embedded Sentinel EMS Customer Portal (iFrame)

Specifies the URL to use if you insert an iFrame on your website that contains the Sentinel EMS Customer Portal. This enables your end users to access the Sentinel EMS Customer Portal in your website.

NOTE   You can also access Sentinel EMS and the Administration Console from this iFrame, if needed.

License Security Settings

Field Description
Enforce SL-UserMode format v2.0

Improves the security level of SL-UserMode keys.

NOTE   Clear this check box if you are working with V2C files that were generated using Sentinel LDK versions prior to 7.0. This disables the security enhancements of SL-UserMode and maintains compatibility.

Default: Selected

Disallow formatting
SL-Admin keys for detached licenses

Prevents end users from applying a V2C file that formats a Sentinel SL key when the Product is detached from the key. This prevents users from taking advantage of a planned format action to detach and continue working with a Product license that should have been returned to the vendor.

Relevant for both SL AdminMode and SL Legacy keys.

NOTE   Does not affect SL-Legacy keys when Enable SL Legacy Support is selected.

Default: Selected

Enable SL-Legacy Support

After migration from BSS to EMS, enables you to send SL Legacy updates to your existing SL legacy key customers. These customers do not need to update the RTE to support certificate licenses.

Default: Selected

Upgrade to Latest RTE

When selected, displays a message instructing users to upgrade the RTE to the latest version if the user's machine has an older version of Run-Time Installer (RTE) installed. This occurs only on Sentinel EMS pages that run applets, for example Check-in C2V, Check-in Key, Burn Key.

Minimum RTE/API Version

(Replaces Default Clone Protection Version in Sentinel EMS 7.10 and earlier)

Sets the following:

>The minimum version of the Sentinel LDK Run-Time Environment (RTE) and/or Licensing API libraries used to protect and run your application.

Sentinel LDK Run-Time Environment (RTE) is required for certain protection keys and certain run-time scenarios. For details, see the section on situations that require Sentinel LDK Run-Time Environment (RTE) in Sentinel LDK Software Protection and Licensing Guide.

We recommend upgrading both of these to the latest version when possible.

>The Sentinel LDK Run-Time Environment (RTE) to use when Platform Default clone protection is selected for a product.

Relevant only for the SL Locking type.

The Platform Default option instructs the system to use one of the pre-defined clone protection schemes to protect your physical and virtual machines. These schemes are continuously enhanced and new schemes are added from time to time.

Which value should I select?

Select the highest value that covers all licensed products in your customer base to ensure the best coverage for all. If you always provide the latest RTE and latest License Manager to your customers, select the latest version.

Alternatively, if one of your customers is using Sentinel LDK Run-Time Environment (RTE) 7.50, and the rest of your customers are using Sentinel LDK Run-Time Environment (RTE) 7.90, select 7.50 as this is the highest common version among your customers. Similarly, if the earliest Sentinel LDK License Manager used by one of your customers for SL UserMode keys is from Sentinel LDK 7.4, select 6.40.

Platform Default Clone Protection Schemes
Operating System and Environment Minimum RTE/API Version
6.40 7.50 7.60 7.100 8.11
(For RTE/API 6.40–7.4x / Sentinel LDK 6.4–7.4x) (For RTE/API 7.5x / Sentinel LDK 7.5x) (For RTE/API 7.60-7.9x / Sentinel LDK 7.60-7.9x ) (For RTE/API 7.10x / Sentinel LDK 7.10x) (For RTE/API 8.11x / Sentinel LDK 8.0x and later)
Windows, Linux, Mac
(Excluding Docker Containers)
PM: PMType1
VM: VMType1
PM: PMType2
VM (SL AM): VMType2
VM (SL UM): VMType1
Windows, Linux
(Docker Containers)
VM: VMType1 VM (SL AM): VMType2
VM (SL UM): VMType1
VM: VMType4
Android PM: PMType3
VM: Disable
PM: PMType4
VM: Disable
Table Legend:
PM - physical machine
VM - virtual machine
SL AM - SL AdminMode key
SL UM - SL UserMode key

For details on supporting protected applications in Docker containers, see the Sentinel LDK Software Protection and Licensing Guide.

NOTE   In addition to Platform Default, Sentinel EMS lets you choose from pre-defined and custom clone protection schemes. For details, see the section on creating products in the Sentinel LDK—EMS User Guide.

License File Name (V2C) Configuration

By default, the generated V2C file name is same as the Key ID of the corresponding Entitlement. However, you can change the naming pattern of the V2C file. You can choose the V2C file name to contain either of the following parameter values or a combination of these.

Option V2C File Name Characters Used for File Name
Key ID <Key ID>.v2c All characters are used
Ref ID 1 <RefID1>.v2c First 85 characters are used
Ref ID 2 <RefID2>.v2c First 85 characters are used
EID <EID>.v2c All characters are used
Customer Name <Customer Name>.v2c First 30 characters are used

If you select multiple options:

  • The V2C file name will contain the parameters separated by hyphen (-).
  • The parameters in the file name appear in the order - EID, Key ID, Ref ID 1, Ref ID 2, Customer Name.
  • Spaces or special characters that are not allowed in the file name are replaced by an underscore (_). This change is dictated by your web browser.
  • If you choose one or more parameters from Ref ID 1, Ref ID 2, and Customer Name, there are chances that two C2V file names may become identical. In such scenarios, Key ID is prefixed to the name.
  • The rule for number of characters taken for each parameter remains same as mentioned in the previous table.
  • Some browsers may truncate the file name if it exceeds a certain number. Firefox uses the first 215 characters of the resulting name. Chrome uses the first 213 characters of the resulting name. Internet Explorer uses the last 152 characters of the name.

Following are some examples:

Combination Examples V2C File Name Number of Characters
EID + Key ID + Ref ID 1 <EID>-<Key ID>-<Ref ID 1>.v2c

All characters of EID + 1 (for hyphen) + All characters of Key ID + 1 (for hyphen) + First 85 characters of Ref ID 1

Key ID + Ref ID 1 + Ref ID 2 <Key ID>-<Ref ID 1>-<Ref ID 2>.v2c

All characters of Key ID + 1 (for hyphen) + First 85 characters of Ref ID 1 + 1 (for hyphen) + First 85 characters of Ref ID 2

Key ID + Ref ID 1 + Ref ID 2 + Customer Name <Key ID>-<Ref ID 1>-<Ref ID 2>-<Customer Name>.v2c

All characters of Key ID + 1 (for hyphen) + First 85 characters of Ref ID 1 + 1 (for hyphen) + First 85 characters of Ref ID 2 + 1 (for hyphen) + First 30 characters of Customer Name

Key ID + Customer Name <Key ID>-<Customer Name>.v2c

All characters of Key ID + 1 (for hyphen) + First 30 characters of Customer Name

Ref ID 1 + Ref ID 2 + Customer Name <Ref ID 1>-<Ref ID 2>-<Customer Name>.v2c

First 85 characters of Ref ID 1 + 1 (for hyphen) + First 85 characters of Ref ID 2

Action Buttons

The following action buttons are available at the bottom of the page.

Button Description
Sync Data For Channel Partner Module When this button is clicked, EMS scans the database to link channel partners with their respective customers for all entitlements (irrespective of the state). For more information, see Troubleshooting.

 

Generate/Update Lucene Search Index

Data that is migrated into Sentinel EMS using the data migration tool is not picked by Lucene search utility by default. This feature helps you to index the data so that next time you run a Lucene search, the data is automatically captured.
Test Email Send test e-mails to specified e-mail address. This works only if the SMTP details are provided and are valid.
Test SMTP Verify that the SMTP server details provided are correct.
Save Save the data and regenerate the rebranded RTE.

Changing Subject Line for Contact, Entitlement, and License Certificates

The Administration Console does not provide options to edit the subject line for these e-mail certificates because of localization issues. You can configure the subject line values manually in the messages*.properties file for the required language. For example, for English, you would edit the following file:

%EMS_HOME%\EMSServer\webapps\ems\WEB-INF\classes\messages_en.properties

The following table lists the properties available for configuring subject lines:

Subject line for Property Default Value
Entitlement certificate e-mail entCertEmailSubject EMS - Entitlement Certificate
License certificate e-mail licCertEmailSubject EMS - License Certificate
Contact certificate e-mail contCertEmailSubject EMS - User Registration