Manage Organization Settings
A superuser can configure the organization settings and do the following tasks:
-
View organization name and organization ID and modify the organization name.
-
Add, modify, and delete identity providers (IdP).
-
Add, modify, and delete custom roles.
-
Enable or disable the password policy for the organization and modify the password policy when the password policy is enabled.
-
Modify the session timeout policy for the organization.
-
Generate, edit, and delete API tokens for various roles in the organization.
-
Configure webhooks for the organization.
-
Configure device authentication.
-
Configure SNMP manager in Routing Director and the external applications to which the SNMP traps can be sent.
-
Configure LLM connector settings.
-
Configure Network Optimization settings.
To configure and to manage organization settings:
-
Click Settings Menu > System Settings on the banner.
The Organization Settings page appears.
-
Configure or modify the organization settings as needed. Refer to Table 1.
Fields marked * are mandatory.
-
Click Save to save the settings.
Verify that the settings are saved and close the Organization Settings page.
Table 1 describes the parameters on the Organization Settings page.
| Field | Description |
|---|---|
|
Organization Name* |
Name of the organization. You can edit the organization name here. |
|
Organization ID |
The ID for the organization. The value is auto-generated. This is a read-only field. |
|
Single Sign On (SSO) |
|
|
Identity Providers |
View identity providers configured in the organization. Add, edit, or delete the identity providers; see Manage Identity Providers. |
|
Roles |
View roles configured for SSO. Add, edit, or delete the roles; see Manage Roles. |
|
Password Policy |
Enable or disable (default) password policy. If you enable the password policy, configure the password policy parameters; see Table 2. |
|
Session Policy |
Configure the time, in minutes, after which the session with Routing Director should timeout; see Table 3. |
|
API Tokens |
Generate and view API tokens to authenticate users when they retrieve data by using REST APIs; see Manage API Tokens. |
|
Webhooks |
Webhooks enable you to get notifications when the events that you have subscribed for occur. Internet connectivity is required for Routing Director to connect to third-party applications, such as Slack. Click to enable or disable (default) webhooks. If you enable webhooks, you must select the type of events for which you want to receive notifications; see Table 4. |
|
Device Authentication |
Configure the type of authentication Routing Director must use to onboard a device—Local (default) or RADIUS. See Manage RADIUS Server Configurations to configure RADIUS authentication. |
|
SNMP Forwarding Endpoints |
Configure Routing Director to forward SNMP traps received from Juniper devices to external applications. See Configure SNMP. |
|
SNMP Configuration |
Configure the SNMP manager to receive SNMP traps from Juniper devices and forward them to external applications. See Configure SNMP. |
|
Configure LLM Connector |
Configure the LLM Connector to facilitate the use of natural language to query network status and obtain troubleshooting information. Note: LLM Connector is a beta feature in this
release.
|
|
Network Optimization Settings |
Configure pathfinder settings to automatically reroute LSPs and to set database pruning frequency and Postgres retention period. See Table 5 and Reroute LSPs. |
| Field | Description |
|---|---|
| Required minimum password length* |
Enter the minimum number of characters that should be present in the password of a user's account. Default is 8 characters. Range: 8 to 32 |
| Require special characters* | Click to enable (default) or disable the use of special characters in the password. |
| Require 2-Factor Authentication* |
Click to enable or disable (default) two-factor authentication for users accessing the organization. If you enable two-factor authentication, a code is sent to an authenticator app. The code should be entered in addition to the password to access the organization. |
| Field | Description |
|---|---|
| Session Timeout (minutes)* | Enter the number of minutes after which the session should timeout.
Default is
1440
minutes. Range: 0 to 20,160 minutes |
| Inactivity Timeout (minutes)* | Enter the number of inactive minutes after which the session should
timeout. Default is 0, indicating that the session does not time out
because of inactivity. Range: 0 to 480 minutes |
| Field | Description |
|---|---|
| Name* | Enter the name of the server or application to which notifications for subscribed events are to be sent. |
| URL* |
Enter the URL of the server or application where the notifications in the form of HTTP POST requests are to be sent when a subscribed event occurs. You must configure webhooks to enable Routing Director to send notifications to third-party applications, such as Slack, when events you have subscribed to are triggered on the managed devices. To receive webhook notifications in a format that is compatible with Slack, you need to configure an intermediary that can interact with the sending and receiving applications, in this case, Routing Director and Slack. The recommended intermediary platform is Make. For more information, see Configure Webhooks to Receive Event Notifications. |
| Secret | Enter the secret to validate that the notifications received are from valid hosts. |
| Webhook Header | |
| Header Key* | Enter a unique key that the webhook endpoint can use to authenticate the event notifications. |
| Header Value* | Enter a unique value for the key. |
| Streaming API | |
| Alerts | Click to enable or disable (default) receiving notifications when subscribed alerts are generated on the managed devices. |
| Audits | Click to enable or disable (default) receiving notifications when an organization is accessed or any setting in the organization is changed. |
| Device Status | Click to enable or disable (default) receiving notifications when the device status changes due to events such as a link going up or down, or the device getting disconnected from Routing Director, and so on. |
| Device Alarms |
Click to enable or disable (default) receiving notifications when subscribed alarms are generated on the managed devices. |
| Field | Description |
|---|---|
|
ECMP Placement Method* |
Select a placement method for equal-cost multipath (ECMP) routing.
Based on the placement method you opt, Routing Director evaluates link metrics, distributes traffic, and improves bandwidth utilization on multiple links to the same destination. |
|
Path Optimization Interval* |
Specify the interval after which Routing Director must automatically trigger path optimization. The path optimization is based on the current network and not on the most recent Path Analysis report. To disable automatic path optimization, enter 0 second. Range: 0 through 9 minutes (m), hours (h) or days (d). |
|
Link Utilization Threshold* |
Specify the threshold value (in percentage) for link utilization. When traffic on a link exceeds this value, Routing Director reroutes label-switched path (LSPs). If you do not specify a threshold, the LSP is not rerouted. If you specify 0, the links are blocked. Range: 0 through 100 percentage. |
|
Threshold Rerouting Interval |
Specify the minimum interval (in minutes) after which Routing Director reacts to any traffic or delay violations. If you don’t specify an interval, the label-switched path (LSP) is not rerouted in case of a violation. Range: 1 through 300 minutes |
|
PruneDB Cleanup Frequency* |
Specify how often (in days) the database pruning (clean up) must happen. Range: 1 through 180 days |
|
Postgres Retention* |
Specify a period (in days) for which Postgres data must be retained before being purged. Range: 1 through 180 days. |