The custom configuration values for the Content Gateway on Unified Access Gateway (UAG) can be set on the Workspace ONE UEM console. These custom values when fetched by the UAG server are automatically updated into the Content Gateway configuration files. The automatic updates eliminate the manual effort of updating the configuration files every time the UAG server undergoes an upgrade.

Custom values available on the Workspace ONE UEM console

The tabulated list contains the keys that are available on the UEM console.
Keys Type Value Description Supported UAG and CG version
aw.server.security-headers.hsts.enabled Boolean False Allows HSTS support in CG. UAG 3.9 (CG 2.11.0) and later
aw.fileshare.client.domain String Default domain with which the users are associated while accessing fileshare repositories. UAG 3.9 (CG 2.11.0) and later
aw.http.cipher-suites String

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256

Comma separates list of allowed ciphers.

UAG 3.9 (CG 2.11.0) and later
aw.http.protocols String SSLv2Hello, SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2 Values can be separated by comma. UAG 3.10 (CG 2.12.0) and later
Note: The changes made after starting the Content Gateway service requires resaving of the service configuration on UAG.

Modifying the SMB Configurations

The SMB configurations are stored in smb.conf and smb-connector.conf files under the smb-connector directory at the Content Gateway installation path. To define precisely the custom values for these configuration files, you must obtain the current files from the UAG's log export functionality. A definite sequence is not followed when adding a new custom value to these configuration files. The new value when added appears at the end following all the existing values in the file.

Custom values can be provided in the UEM console using the following syntax:

extconf##FILE_NAME##CHANGE_TYPE[##EXISTING_LINE]=LINE_VALUE
  • FILE_NAME = Name of the file; smb or smb-connector
  • CHANGE_TYPE = ADD, REMOVE, or UPDATE

  • EXISTING_LINE = The current content of the line that needs the required change. If the line is not found in the file, this entry in the Key Value Pair (KVP) is ignored and does not have any impact on the file. It is applicable if there is UPDATE or REMOVE.
  • LINE_VALUE = Value of the line to be inserted or updated. It is ignored if there is REMOVE.

Listed are few examples of modifying the custom values in the SMB configuration files.

Example 1: An environment requires updating minimum smb protocol version from SMB2_02 to SMB3.

Key Type Value Description
extconf##smb##UPDATE##client min protocol = SMB2_02 String client min protocol = SMB3 Update the line in the smb.conf file that equals that client min protocol = SMB2_02 with client min protocol = SMB3

Example 2: Updating the smb-connector logs to debug mode. Default is 1 (error) and allowed values are: 0: Off, 1: Error, 2: Warning, 3: Info, 4: Debug

Key Type Value Description
extconf##smb-connector##UPDATE##log_level 1 String log_level 4 Update the line in the smb-connector.conf file that equals that “log_level 1” with “log_level 4”
Note: All custom values must be provided as a String when inserting or updating the configuration and as Null when removing the configuration.

Modifying Application Log Levels

To update the application logging level to debug, the below KVP entry can be used. Info is the default level and the permitted values include Error, Warn, Info, Debug, and Trace.

Key Type Value Description
extconf##logback##level##com.vmware String debug Update the application logging level to debug.