Configuration Changes Requiring Administrative Action

This page lists the set of configuration properties that require some form of administrative action for changes to take full effect.

Note that any changes to the java.properties file (which is used to specify the Java runtime and JVM options that should be used when running the Identity Broker and associated tools) require that the dsjavaproperties tool be run to apply those changes. If the changes impact the Java runtime or JVM arguments used to run the Identity Broker itself, then the server must be restarted.

Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Changelog Backend

• db-directory - The Identity Broker must be restarted for changes to this configuration property to take full effect. Modification requires that the Identity Broker be stopped, the database directory manually relocated, and then the Identity Broker restarted. While the Identity Broker is stopped, the directory and files pertaining to this backend in the old database directory must be manually moved or copied to the new location.
• changelog-write-queue-capacity - The Changelog Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• je-property - Changes to this configuration property will only take effect if the Identity Broker is restarted.

Backup Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Task Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Encryption Settings Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Monitor Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

LDIF Backend

• ldif-file - The LDIF Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• is-private-backend - The LDIF Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Trust Store Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Schema Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Alert Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Config File Handler Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

JE Backend

• db-directory - The Identity Broker must be restarted for changes to this configuration property to take full effect. Modification requires that the Identity Broker be stopped, the database directory manually relocated, and then the Identity Broker restarted. While the Identity Broker is stopped, the directory and files pertaining to this backend in the old database directory must be manually moved or copied to the new location.
• is-private-backend - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• index-entry-limit - If any index keys have already reached this limit, indexes must be rebuilt before they will be allowed to use the new limit. Setting a large limit (greater than 10,000) could have a big impact on write performance and database growth on disk.
• exploded-index-entry-threshold - If any index keys have already reached this threshold, indexes need to be rebuilt before they are allowed to use the new threshold. Setting a large limit (greater than 10,000) could have a big impact on write performance and database growth on disk.
• id2children-index-entry-limit - If this limit is increased, then the contents of the backend must be exported to LDIF and re-imported to allow the new limit to be used for any id2children keys that had already hit the previous limit.
• id2subtree-index-entry-limit - If this limit is increased, then the contents of the backend must be exported to LDIF and re-imported to allow the new limit to be used for any id2subtree keys that had already hit the previous limit.
• db-evictor-lru-only - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-evictor-nodes-per-scan - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-evictor-critical-percentage - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-log-file-max - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-logging-file-handler-on - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-logging-level - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-checkpointer-wakeup-interval - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-checkpointer-high-priority - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-num-lock-tables - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-clean-on-explicit-gc - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-recent-changes - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• default-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• id2entry-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• dn2id-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• id2children-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• id2subtree-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• dn2uri-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Local DB Backend

• uncached-id2entry-cache-mode - The Local DB Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Large Attribute Backend

• enabled - DEPRECATION NOTE: The large attribute backend has been deprecated. It will continue to be supported for existing deployments already using the large attribute feature, but new deployments wishing for similar behavior should configure uncached attributes rather than large attributes.
• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration
• is-private-backend - The Large Attribute Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• default-cache-mode - The Large Attribute Backend must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

JMX Connection Handler

• listen-port - The JMX Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• use-ssl - The JMX Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• ssl-cert-nickname - The JMX Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

LDAP Connection Handler

• listen-address - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• listen-port - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• use-ssl - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• ssl-cert-nickname - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• allow-tcp-reuse-address - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• max-cancel-handlers - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-request-handlers - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• request-handler-per-connection - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• ssl-client-auth-policy - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• accept-backlog - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

HTTP Connection Handler

• listen-address - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• listen-port - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• use-ssl - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• http-servlet-extension - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• web-application-extension - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• key-manager-provider - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• trust-manager-provider - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-request-handlers - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• disable-tls-renegotiation - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• enable-multipart-mime-parameters - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Crypto Manager

• ssl-cert-nickname - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Validate TOTP Password Extended Operation Handler

• prevent-totp-reuse - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Interactive Transactions Extended Operation Handler

• enabled - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Global Configuration

• location - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• allow-insecure-local-jmx-connections - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• session-manager - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

File Server HTTP Servlet Extension

• base-context-path - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

SCIM HTTP Servlet Extension

• base-context-path - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• debug-enabled - The Identity Broker debug logger must be enabled and correctly configured for the debug messages to be forwarded.

LDAP Mapped SCIM HTTP Servlet Extension

• oauth-token-handler - The Identity Broker must be restarted for changes to this configuration property to take full effect. The OAuth Token Handler changes will not take effect until the associated HTTP Connection Handler is disabled and re-enabled, or until the server is restarted.
• basic-auth-enabled - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• include-ldap-objectclass - If you have specified a large number of object classes or used the '*' value you should ensure that the Identity Broker has been allocated a sufficient amount of memory (typically at least 512MB) to host the HTTP endpoints.

Data View SCIM HTTP Servlet Extension

• base-context-path - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Memory HTTP Session Manager

• idle-save-duration - The Identity Broker must be restarted for changes to this configuration property to take full effect. Any HTTP connection handlers must be restarted before changes will take effect.
• save-interval - The Identity Broker must be restarted for changes to this configuration property to take full effect. Any HTTP connection handlers must be restarted before changes will take effect.
• scavenge-interval - The Identity Broker must be restarted for changes to this configuration property to take full effect. Any HTTP connection handlers must be restarted before changes will take effect.
• save-directory - The Identity Broker must be restarted for changes to this configuration property to take full effect. Any HTTP connection handlers must be restarted before changes will take effect.

LDAP HTTP Session Manager

• load-balancing-algorithm - The Identity Broker must be restarted for changes to this configuration property to take full effect. Any HTTP connection handlers must be restarted before changes will take effect.

LDAP SDK Debug Logger

• queue-size - The LDAP SDK Debug Logger must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The LDAP SDK Debug Logger must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Log History Service

• log-history-index-dir - The Identity Broker must be restarted for changes to this configuration property to take full effect. Modification requires that the Identity Broker be stopped, the existing directory manually relocated, and then the Identity Broker restarted. While the Identity Broker is stopped, the old index directory and its contents must be manually moved or copied to the new location.
• log-history-archive-dir - The Identity Broker must be restarted for changes to this configuration property to take full effect. Modification requires that the Identity Broker be stopped, the existing directory manually relocated, and then the Identity Broker restarted. While the Identity Broker is stopped, the old log archive directory and its contents must be manually moved or copied to the new location.
• log-history-indexed-attribute - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• log-history-attribute - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

JDBC Based Access Log Publisher

• queue-size - The JDBC Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Operation Timing Access Log Publisher

• log-file - The Operation Timing Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Operation Timing Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Operation Timing Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Scripted File Based Access Log Publisher

• log-file - The Scripted File Based Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Scripted File Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Scripted File Based Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

File Based Audit Log Publisher

• queue-size - The File Based Audit Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Audit Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Audit Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Writer Based Access Log Publisher

• queue-size - The Writer Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Admin Alert Access Log Publisher

• queue-size - The Admin Alert Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

File Based Access Log Publisher

• log-file - The File Based Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Third Party File Based Access Log Publisher

• log-file - The Third Party File Based Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Third Party File Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Third Party File Based Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Debug Access Log Publisher

• log-file - The Debug Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Debug Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Debug Access Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Writer Based Authorization Log Publisher

• queue-size - The Writer Based Authorization Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

File Based Authorization Log Publisher

• log-file - The File Based Authorization Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Authorization Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

File Based Error Log Publisher

• queue-size - The File Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Error Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Error Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Third Party File Based Error Log Publisher

• log-file - The Third Party File Based Error Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Third Party File Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Third Party File Based Error Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Scripted File Based Error Log Publisher

• log-file - The Scripted File Based Error Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Scripted File Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Scripted File Based Error Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Syslog Based Error Log Publisher

• queue-size - The Syslog Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

JDBC Based Error Log Publisher

• queue-size - The JDBC Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Detailed HTTP Operation Log Publisher

• log-file - The Detailed HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The Detailed HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Detailed HTTP Operation Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Common Log File HTTP Operation Log Publisher

• log-file - The Common Log File HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The Common Log File HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Common Log File HTTP Operation Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

File Based Debug Log Publisher

• queue-size - The File Based Debug Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Debug Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Debug Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

File Based Sync Log Publisher

• queue-size - The File Based Sync Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Sync Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Sync Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Sync Failed Ops Log Publisher

• queue-size - The Sync Failed Ops Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The Sync Failed Ops Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The Sync Failed Ops Log Publisher must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Host System Monitor Provider

• enabled - Enabling host system cpu, memory, disk and network interface I/O monitoring requires running an external collector helper process except on Linux systems. Notes: - Enabling the host system monitor does not require restarting the server on Linux systems. - Enabling the host system monitor provider on UNIX (non-Linux) requires restarting the server. Changes to disk-devices and network-devices cannot be validated until the server is restarted. - Host system monitoring is not available on Windows systems.

OAuth Service

• redirect-resolver - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

Password Policy

• idle-lockout-interval - Last login time tracking is required for idle account lockout to work properly. If you are enabling idle account lockout, then you should ensure that the last-login-time-attribute and last-login-time-format properties are also defined and that last login time tracking has been enabled long enough so that user accounts have had time to be marked with last login times. Ideally, last login time tracking should be enabled for at least as long as the idle lockout interval to ensure that users are not incorrectly locked out merely because their accounts do not have last login time information.

Plugin

• plugin-type - The Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Seven Bit Clean Plugin

• plugin-type - The Seven Bit Clean Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Entry UUID Plugin

• plugin-type - The Entry UUID Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Referral On Update Plugin

• plugin-type - The Referral On Update Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Delay Plugin

• plugin-type - The Delay Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Periodic GC Plugin

• plugin-type - The Periodic GC Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

DN Mapper Plugin

• plugin-type - The DN Mapper Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Attribute Mapper Plugin

• plugin-type - The Attribute Mapper Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

SNMP Subagent Plugin

• agentx-address - The SNMP Subagent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agentx-port - The SNMP Subagent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-worker-threads - The SNMP Subagent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Referential Integrity Plugin

• plugin-type - The Referential Integrity Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Unique Attribute Plugin

• plugin-type - The Unique Attribute Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Change Subscription Notification Plugin

• plugin-type - The Change Subscription Notification Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Changelog Password Encryption Plugin

• plugin-type - The Changelog Password Encryption Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Internal Search Rate Plugin

• plugin-type - The Internal Search Rate Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Periodic Stats Logger Plugin

• log-file - The Periodic Stats Logger Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Processing Time Histogram Plugin

• plugin-type - The Processing Time Histogram Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• histogram-category-boundary - The Processing Time Histogram Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. The Metrics Engine can only aggregate response-time data when the boundary values are the same across both time and monitored servers. If you change the boundary values on one monitored server, you should change them on all monitored servers.
• separate-monitor-entry-per-tracked-application - When setting this option to true, you must also set the per-application-ldap-stats property in the Stats Collector Plugin to per-application-only.

SNMP Master Agent Plugin

• listen-address - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• listen-port - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agentx-listen-address - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agentx-listen-port - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• notification-target-address - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• notification-target-port - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agent-snmp-version - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• community-name - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agent-security-name - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agent-security-level - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-worker-threads - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Last Mod Plugin

• plugin-type - The Last Mod Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Pass Through Authentication Plugin

• plugin-type - The Pass Through Authentication Plugin must be disabled and re-enabled (or the Identity Broker restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Policy Service

• combining-algorithm - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

UnboundID TOTP SASL Mechanism Handler

• prevent-totp-reuse - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Store Adapter

• correlation-attribute-urn - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• modifies-as-creates - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.

LDAP Store Adapter

• load-balancing-algorithm - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• include-ldap-objectclass - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• include-base-dn - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• include-filter - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• scim-id-attribute - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• user-metadata-attribute - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• user-large-metadata-attribute - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• include-operational-attribute - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.
• create-dn-pattern - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.

Third Party Store Adapter

• extension-argument - The Identity Broker must be restarted for changes to this configuration property to take full effect. Changes to this property will not take effect until the associated DataView is disabled and then re-enabled, or until the server is restarted.

Web Application Extension

• base-context-path - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• war-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• document-root-directory - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• deployment-descriptor-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• temporary-directory - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• init-parameter - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

Broker Web Application Extension

• service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• oauth-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• admin-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• pdp-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• privacy-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• oauth-admin-client-id - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• oauth-admin-client-secret - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• trust-store-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• log-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

Privacy Preferences Web Application Extension

• scim-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• scim-path - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• scim-resource-name - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• scim-query-contains-enabled - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• scim-user-name-path - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• scim-display-name-path - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• scim-email-path - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• scim-phone-number-path - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

Broker Console Web Application Extension

• dashboard-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

UnboundID Work Queue

• num-worker-threads - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-write-worker-threads - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-administrative-session-worker-threads - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-queues - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-write-queues - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• max-work-queue-capacity - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• queue-type - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

Wait Notify Work Queue

• num-worker-threads - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

Traditional Work Queue

• max-work-queue-capacity - The Identity Broker must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect