System settings

System settings is the central place for customizing environmental variables. System settings control a
wide range of system characteristics such as: active features, method of user registration, method of mail
dispatching, security characteristics, and many more. They also control a visual settings as well as themes.
General settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Security settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Locale settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
E-mail settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

User settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
User activation/registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Multiple logins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Web server authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Appearance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Appearance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Logo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Favicon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

External tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
External tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Math Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
PHP Livedocx . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
LDAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Customization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
System options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Social options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Enterprise options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

System settings

General settings
The general settings tab offers access to various settings that affect the site's operation
Security settings
Security settings offer amble settings for securing the eFront system. These settings include the ability to
define the allowed and disallowed file extensions, the minimum password length, the inactivity time to
logout users, the minimum password length and more.
Allowed IPs: A comma separated white list of allowed IPs that can access the system. All other IPs
are not allowed to the system. Wildcards are accepted, for example 10.10.10.*. Make sure that you
don't lock out your own IP with this operation!
Disallowed IPs: A comma separated black list of IPs that are not allowed to access the system. Black
lists take precedence over white lists
Allowed file extensions: A comma-separated white list of file extensions that are allowed to be
uploaded. All other file extensions are disallowed
Disallowed file extensions: A comma-separated black list of file extensions that are not allowed to
be uploaded. All other file extensions are permitted. The black list takes precedence over the white
list
Minimum password length: Set this to a different value if you want to relax/tense the password
length setting
Log out user after (minutes): The time in minutes after which inactive users are logged out. Note:
A user is considered inactive only if he/she has closed his/her browser or navigated away
from the efront page. This is also the maximum fault for user time reports: In case a user navigates
away from the LMS, his/her online LMS time may be reported up to X minutes more than the actual,
where X is the value for this setting.
Updater period (ms): The period, in ms, that a user's browser "pings" the server to revive his/her
session. Depending on the site traffic, you might want to lower this value to offload the server.
However, it should always be less than the autologout time. Keep in mind that a user may be
automatically logged out from the system, depending on the session.gc_maxlifetime php setting.
Another reason could be if you are storing session data in /tmp (default) and some process is
periodically cleaning its contents
Remove <script> tags from POST: If you don't trust your users to exploit your system for XSS attacks,
you should prevent them from posting content with <script> tags. This however will also prevent
building content that contains these tags
Password reminder: Uncheck if you don't want users to be able to reset their passwords
Encrypt URL: This option will convert all internal eFront URLs to an encoded form. This way, users
will not be able to derive sensitive information, such as user login names or emails by looking at the
address bar location, nor will they be able to alter the URL trying to override system restrictions or
settings

General settings

System settings

Locale settings
These are internationalization settings that should be set according to the current locale:
Default language: This is the default language of the system. New users will be created having this
language as default.
Note: Changing this setting does not affect existing users
Support only one (the default) Language: If set, then users do not have the option to specify their
preferred language
Date format: Enter the format with which you want dates to appear in the system
Time zone: Specify the system's default timezone. This setting can be overridden for each user and
does not affect existing users. System dates will be offset to match the users' preferences
Currency: Enter the currency you want to be used for the e-commerce parts of the site.
Show currency symbol: Specify whether the selected currency's symbol should display before or
after prices, for example $1 or 1$
Decimal point: Enter the decimal point you want to be used in the system
General settings

System settings
Thousands separator: Enter the thousands separator you want to be used in the system
Encode non-latin file names to: When a user uploads a file that its name contains non-latin
characters, then it should be somehow encoded before being imported to the system. Since eFront
is a pure UTF-8 system, all file names are encoded to UTF-8 before being stored. However, if
you are using a windows server, then UTF-8 is not supported by its file system, and a different
encoding should be selected. In this case, UTF7-IMAP is recommended (and default for windows
server installation)

E-mail settings
Through this tab you are able to define the mail server settings that will be used to send e-mails.
System email: The email that is used as the "from" address in all system outgoing emails
SMTP server: The email server to use, can be "localhost" or any smtp server address
SMTP user: The user of the account needed to connect to the SMTP server.
SMTP password: The password of the user that authenticates to the SMTP server
Server SMTP port: The port that the SMTP server listens to.
SMTP timeout: Seconds to wait until the SMTP server responds
SMTP authentication: Check if your SMTP server requires authentication
Below you can see an example about setting up a gmail account. Note however that the right options depend
on your e-mail server.

General settings

System settings

Note: Using a gmail account, SMTP user address will be displayed as sender in recipients inbox
regardless of the "system email" address.

Configuration
Through the Configuration tab you are able to define some basic php settings for your system.
Memory limit: This sets the maximum amount of memory in bytes that the system is allowed to
allocate. -1 value is not allowed for performance reasons. In case you get an error trying to use this
value, just leave this field blank.
Maximum execution time:This sets the maximum time in seconds a script is allowed to run before it
is terminated by the parser. This helps prevent poorly written scripts from tying up the server. The
default setting is 30. The maximum execution time is not affected by system calls, stream operations
etc.
GZ handler: Check this option to send data compressed to the web browser. Do not unset this unless
you are experiencing trouble, as it may have detrimental effect on the site's speed
Compress test results in database
Maximum file size: If you cannot upload large files you should alter the upload limits.The upload
size is limited by settings in the php.ini file. You can find the current php.ini file in effect if you log
in as an admin and go to maintenance -> PHP info. Look for "Loaded Configuration File".
There are 3 settings that affect this:
- upload_max_filesize

General settings

System settings
- post_max_size
- memory_limit
The first two should be set to be the minimum file size you intend to upload. So, if you intend to upload files
of 4MB, these should be set at least 4M. The 3rd is recommended to be 128M, but in any case it should not
be less than the other two.
After making these changes to the php.ini file, you should restart your web server in order for the changes
to take effect. After doing so, you can control the maximum upload size from admin -> system settings ->
PHP, but you can't set it higher than the values specified in the php.ini file (only lower).
Debug mode: If you enable debug mode, then a small debugging panel with speed and query
information will display on every page, for every user

User settings
User activation/registration
The User activation/registration function is used by the administrator to define the way in which the users
will be able to register into the system and how their activation will take place.
External signup: Uncheck if you don't want users to be able to register themselves (hides the "create
account" link in the index page)
Default user type: The user type which new users are created as
"Keep me logged in" option: Once selected, the system remembers the user and keeps him logged
in, until he logs-out.
Automatic user activation: When checked, users are able to login to the platform as soon as they
create their account. Otherwise, the administrator must activate their account

User settings

System settings
User activation by email: Enable this if you want new users to have to click on a confirmation email
sent out to their email address, in order to user the system
Supervisor email activation (enterprise edition): Click this if you want new users to be activated by
their supervisor
Enable license note: If you enable the license note, then all new users will be presented with a note
that they must accept in order to use the system.
Reset license note: Clicking on this link will reset the "read" status of all users. You can use this if
the site's license note has changes and you want all users to re-comply to the new terms
License note: The license not text
Allow independent lessons: If you leave this unchecked, then there cannot be lessons outside
courses in the system
Show group key option: Uncheck this if you want to prevent users from using a group key to be
directly assign to groups
Mapped accounts: If you disable mapped accounts, then users will not be able to map their accounts
to a different one, for fast switching
Username format: Using this field you can change the username format i.e. the way users' login
names will appear in the platform. You can use the following variables: #name# for the first name,
#surname# for the last name, #login# for the login, #type# for the user type and #n# for the first
name's initial letter. So, for example, for the default format, #surname# #n#. (#login#), the user
"John Doe" with username "jdoe" will appear as "Doe J. (jdoe)"
Maximum usage space in private messages: You can define the maximum user allowed usage space
size in MB.
Lesson time reports: You can switch to active time if you want the system to monitor and report
only times that the user actually goes through the content. Switch to total time if you want the
system to report the total time a user spends on a lesson, regardless which page he/she is on.
Warning: Switching to active time reporting will overwrite any active times that have been
recorded so far with the corresponding total times.

User settings

System settings

Multiple logins
The administrator can define whether or not to allow multiple logins. Allowing multiple logins enables
concurrent logins with certain exceptions (i.e. groups or types of users). Otherwise, if no multiple logins
are set, then when a user logs in with a username that is already logged in, the older session will be
disconnected.

User settings

System settings

Web server authentication

The settings below can be used to automatically handle user registration and authentication using some
HTTP server variables
Web server authentication: Check this to enable web server based authentication
Web server registration: Check this to enable web server based registration
Error page displayed when the username is missing or empty: Specify which page should be
presented to the user in case he/she visits the system, with the "username" variable not being
populated
Error page displayed when the user could not be created: Specify which page should be presented
to the user in case he/she visits the system and the automatic registration fails
Variable that contains the username: The web server variable that holds the user name
Include file that handles user creation: The file that will handle the user registration

User settings

System settings

How it works: Supposedly you had a different mechanism to authenticate/register users to your system and
you wanted to bypass efront's settings. You could populate the a server variable (REMOTE_USER by default)
with the user name and enable web server authentication below. In order to do this, you should follow these
steps:
1. Login as admin and enable web server authentication. The username server variable must hold
your current username, otherwise you can't continue
2. From now on, any user that visits the site without an equivalent username value in the web server
(set through the "Variable that contains the username" option), will be presented with the "Server
error" page.
3. If you don't check the "Web server registration", then no automatic registration will take place, only
authentication. This means that any user that is valid in the web server space, but does not have an
eFront account, will be presented with an "Authentication error" page
4. If you check the "Web server registration" checkbox as well, then valid users that don't have an
eFront account, will trigger inclusion of the file specified in "Include file that handles user creation"
field. There is a sample file in the distribution, libraries/includes/webserver_registration.php,
which you can use as a guideline
5. The "Server error" and "Authentication error" pages are customizable. If you want to use
completely your own, you can upload them to the "external" folder of the default theme.

Appearance
This tab allows the administrator to customize the appearance of the eFront installation.
Appearance
Show footer: Whether to display a message on the site's footer. This setting may be overriden by
the current theme's settings, see How_to_build_a_theme How_to_build_a_theme
Edit footer: Enter any custom text that you want to appear inside the footer. This message replaces
the default message
Site name: Enter the site name, as it will appear on the pages header and elsewhere
Site motto: A subtitle that will appear along with site name
Appearance

10

System settings
Show name and motto also on header: Uncheck this if you don't want the site name and motto to
appear on the header. This is usually the case when the logo already contains this information
Collapse catalog: Whether the courses list should appear collapsed. If you select "No", then all
lessons and courses appear expanded. If you select "Only for lessons", then only the courses appear
expanded, but their contents are hidden. If you select "yes", then everything below the root
categories are collapsed
Show empty blocks: Whether empty blocks should appear on the index page
Show lesson/courses catalog: Whether the courses catalog should appear. Selecting "yes" will make
the catalog appear in both the index page and the initial page a user sees after logging in. Selecting
"Yes, but only after user logs in" does not display the catalog on the index page, to unauthenticated
users. Selecting "No" always hides the catalog, thus preventing users from enrolling to courses/
lessons themselves
Redirect user after login to: User this option to specify which page a user is redirected to right after
logging in. If you select "User's catalog", then the user will see a list of the courses/lessons he/she is
enrolled in. If you select "User's dashboard", then the user will be redirected to his/her dashboard.
In addition, if there are modules with "landing page" facilities installed in the system, they will
appear in the list as well
Redirect after logout to: Enter a URL where you want users to be redirected after they logout,
instead of the system's index.php page
Load videojs: Videojs is a library that allows you to load html5 videos. By enabling this option the
necessary header code of the library is loaded (in <head>). You can insert in your content pages the
html code that loads your video as described here (in <body> section)

Appearance

11

System settings

Logo
Use this tab if you want to set the system's logo, which is the image that appears in the header.
File Name: Click to select an image file from your system
Logo width: Specify a width for your image, if you want it resized. This option is available only if
php_gd extension is installed.
Logo height: Specify a height for your image, if you want it resized. This option is available only if
php_gd extension is installed.
Normalize dimensions: Check to have the system automatically adjust your image so that the
original proportions are kept. This option is available only if php_gd extension is installed.
Use logo: Use this dropbox to select between the default logo, site logo and theme logo.

Appearance

12

System settings

Favicon
Use this tab if you want to set the system's favicon, which is the small icon that appears next to the site's
address in the browser's address bar.
File name: Pick a file from your computer to use as favicon
Use default favicon: Check if you want to reset the current favicon to the default one

External tools
This is a collection of tools that are either 3rd party or can be used to communicate with 3rd party
applications

External tools

13

System settings
External tools
Enable XML API: If checked, then the system's XML api is enabled. You can read more about eFront's
XML API at [1]
Editor type: Select which editor version you want to use. The newer is recommended, unless you are
experiencing difficulties
Zip handling method: Select which way you want eFront to handle zip files. There are 2 options:
'PHP' uses PHP's own zip handling functions, while 'System' uses the underlying operating system's
functionality (not available on Windows servers). The former is generally considered more
compatible but the latter is usually faster

Math Settings
You can use math libraries if you want to write mathematical equations. See [ http://www.forkosh.com/
mimetex.html] for more information
Enable mathematic type content: Check this to enable math equation typing
Display math types as images: Enable this if your users can't see the equations
Math server location: Specify the location of the Math server.

External tools

14

System settings

PHP Livedocx
phpLiveDocx is a platform used to transform certificate documents in a pdf format. It is released under the
following license: http://www.phplivedocx.org/articles/phplivedocx-license/ . You have to sign up for an
account there and paste your credentials. It is used to export the eFront certificates in pdf format.
Phplivedocx server: The address of the livedocx service you want to use. On rare cases this may need
to change to an older version
User name: Your phplivedocx account user name
Password: Your phplivedocx account password

External tools

15

System settings
LDAP
A LDAP server is a user management system very popular among large organizations. eFront can use a LDAP
server for creating and authenticating users. When LDAP support is enabled in eFront, then a user that has
a LDAP account can use it to access eFront following the procedure below:
1. The user visits eFront for the first time and uses his/her credentials to login.
2. The user is then redirected to a special page where he/she is asked to fill-in and verify his/
her information, which was retrieved by the LDAP server. What information is retrieved can be
customized from the LDAP properties in administrator's system settings (see below)
3. After clicking on submit, an account for this user is created. The password is never saved in efront
4. Next time the user visits efront and uses his/her credentials, he/she is authenticated with the LDAP
server
In order to use LDAP, PHP's LDAP extension must be loaded. If you are on a windows environment, please
extract the file "php_ldap.dll" from the full php zip archive and place inside the "ext/" folder of your php
installation (for example, c:\php\ext). Afterwards, edit the file php.ini, locate the extensions section (there
will be plenty of lines like extension=php_xxx.dll) and place the line extension=php_ldap.dll. Restart the
apache server afterwards. (see also Installing PHP windows extensions)
If you are on a Linux environment, then use your distro's installation program (for example aptitude or
yum) to install php5-ldap extension
You can configure LDAP settings from administrator account -> system settings -> External -> LDAP. Below
the most important settings are explained:
Activation settings:
Activate LDAP support: Use this to activate/deactivate LDAP access
Support only LDAP registration: Use this to disable the ability for users to signup if they don't have
a valid LDAP account
Connection settings:
LDAP server: The server to connect to, usually in the form ldap://ldap.example.net, or
ldaps://ldap.example.net for secure connections
LDAP server port: Usually 389 or 636 for secure connections
LDAP bind dn: The username that eFront will use to connect to the ldap server
LDAP base dn: The base dn is where all searches and users are located. All operations are performed
on this dn and below
LDAP protocol version: It's usually 2 or 3, with the latter being preferable and more common
Attribute mappings: eFront uses the default openLDAP attributes to map user's information to its own
internal representation. If you are using a different LDAP server (for example, Active directory), you might
want to change this mapping. In this case, the most important attribute is the Login name attribute which
for Active Directory should be set to sAMAccountName
Important note #1: The base dn connection password is stored in the database in plain text. It is strongly
recommended that you use a special account with limited read-only privileges to retrieve information from
the LDAP server

External tools

16

System settings
Important note #2: Certain version of AD are case-sensitive, so make sure that "sAMAccountName" is not
"samaccountname" in your installation

In the image below you can see a working LDAP configuration that connects to an openLDAP server

Customization
Here you can set various display and functionality options for eFront
System options
Use this list to disable or enable site-wide the respective functionality. It overrides any other user,lesson or
course level settings.

Customization

17

System settings

Social options
This section is not available in the community edition
This allows the administrator to define which social options will be available to the users of the system.
The administrator can also enable the Facebook integration, by providing the Facebook API key and the
Facebook Application Secret. The facebook connection can be activated by clicking on the corresponding
checkbox. Facebook data acquisition and external login through Facebook, can be activated via their
Facebook account. For detailed information, visit the social section of the wiki

Event's logging: Leave unchecked if you don't want system events to be logged.
System timelines: When enabled, users can see the system timeline
Lesson timelines: When enabled, users can see timelines for the lessons they are enrolled in
People: When enabled, users can see a list and interact with other users sharing the same lessons
Comments/Wall: When enabled, users can post messages to their wall or comments to other users'
messages

Customization

18

System settings
User status: When enabled, users are able to set a status on their public profile.
Facebook data acquisition: Use this to enable data retrieval from the users' facebook account (avatar
and status changes)
External login through Facebook: Use this if you want users to be able to login using their facebook
account
Connection with Facebook: Enable connection with facebook
Facebook API key: The API key for connecting to facebook
Facebook Application Secret: The API secret for connecting to facebook

Enterprise options
Note: This section is only available in the enterprise edition
These are organization-specific options
Show organization chart to users: If enabled, then employees can view the organization chart from
their account's "organization" section
Show full organization chart to users: If not selected the users will be able to see only this part of
the organization tree that concerns them. Only the branches to which the users belong and their
sub-branches will be shown to them.
Show training record to users: If enabled, then the training record is also available to employees
(see Training record )
Show unassigned users to supervisors: If set, then then employees list in supervisor view will
include users that are not assigned to any branch and supervisors may assign them to their own
branch if they want to.
Customization

19

System settings
Allow users to delete supervisor shared files: Whenchecked, employees are allowed to delete any
files that their supervisors have shared with them. Supervisors of the platform can upload files in
the users' profile. The users can see these files in their personal information tab, and if this option
is set, they can delete them.
Propagate branch courses to branch users: Allows the administrator to define if the branch's
courses will be automatically assigned to the users assigned to the branch.
Users may sign in from the default URL: When selected it allows the users to sign in to the platform
using the default (main) url. Otherwise, users can only login using their branch's url.

Customization

20