This article describes the parameters of the palo.ini configuration file. These parameters can also be used as command line parameters for the In-Memory Database binary: palo.exe for Windows and “palo” for Linux.
The Palo parameters have a short and a long form. On the command line, the short form has one dash (-) in front; the long form has two dashes (- -) in front. Examples: palo -?
/ palo - -help
.
Palo.exe gets these parameters as command line arguments and/or via the palo.ini file.
Please see Order of command execution at the end of this document. In the file …\Jedox Suite\olap\data\palo.ini.sample
you can find descriptions and examples of how to use parameters in the palo.ini.
Short form |
Long form |
Argument(s) |
Description / Example(s) |
Default value |
? |
Displays the parameters of palo.exe. |
False |
||
a |
admin |
<address> <port> |
Http interface with server browser and online documentation. An address can be a server name, an internet address or “” for all server internet addresses. |
|
A |
Loads all databases on server start into memory which are defined in the palo.csv. On/off switch. |
True |
||
b |
<max number |
Sets the max number of cells to store in each cube cache. |
100000000 |
|
B |
auto-commit |
Commits all changes on server shutdown. |
True |
|
c |
crypt |
Turns on encrypting of the database files. Newly saved files are encrypted if this is set using the Blowfish algorithm. On/off switch. Note: If “crypt” is enabled, For decryption, just remove crypt from palo.ini and on next “save” the database files will be decrypted, i.e. if a value is written to a cube, it will be decrypted (with all its files). It will not be automatically decrypted. Don’t remove crypt-key otherwise it won’t be possible to load encrypted files. Remove the crypt-key after you’re sure that everything was decrypted. Procedure to decrypt all databases: |
False |
|
C |
chdir |
Only for the command line. |
True |
|
d |
data-directory |
<directory> |
Only for command line. |
./Data |
D |
add-new-databases |
Tries to add directories with OLAP database automatically and adds them to palo.csv. |
True |
|
e |
windows-sso |
Enables Windows SSO authentication. |
False |
|
E |
extensions |
<directory> |
../Modules |
|
F |
friendly-service-name |
<service-name> |
||
g |
cross-origin |
<domain_name> |
||
G |
dump-upload |
On/off switch. |
Disabled |
|
h |
http |
<address> <port> |
Examples for http interface: |
|
H |
https |
<port> |
Sets https connection port: |
|
i |
init-file |
<init-file> |
Only for command line. |
palo.ini |
I |
ignore-journal |
Turns off recovery of data from journal files. |
False |
|
j |
device |
<bus_id0>.<device_id0> |
All available devices |
Empty vector |
J |
no-csv-save |
Turns off saving of CSV files for cubes whenever possible. Only BIN files are saved. Reduces time needed for saving. |
False |
|
k |
crypt-key |
<passphrase for crypting csv files> |
Sets pass phrase used for encrypting/decrypting of the database files. |
Empty string |
K |
key-files |
<ca> <private> <dh> |
Empty vector |
|
l |
maximum-return-cells |
<number> |
Sets a maximum limit for cells return from an area call: |
20000 |
L |
splash-limit |
<error> <warning> <info> |
Splashing limits in megabytes: |
1000, 500, 100 |
m |
undo-memory-size |
<number of bytes per lock> |
In a locked cube area it is possible to undo changes. Each lock can use <number of bytes per lock> bytes in memory for storing changes: |
10 * 1024 * 1024 |
M |
session-timeout |
<seconds> |
Specifies the idle time after which the session is closed: |
-1 (300s) |
n |
load-init-file |
Only for command line. |
True |
|
N |
engine-configuration |
[M][S][1][E] |
M – force engine to use Marker Driven Engine for rules with markers (5.1 algorithm) |
|
o |
log |
sink=- verbose=<level> |
log sink=- (Log to stdout /default) for all ‘log’ is parameter: |
sink=- |
O |
amazon-id |
False |
||
P |
password |
<private-password> |
On/off switch. |
|
P |
enable-gpu |
On/off switch. |
False |
|
q |
service-description |
<service-description> |
||
Q |
autosave |
<mode> possible modes: |
Autosaves all the databases at an exact time once a day: |
Disable, 0, 0 |
R |
default-db-right |
<right value> |
Default value for database access rights. |
D |
s |
start-service |
On/off switch. |
False |
|
S |
service-name |
<service-name> |
||
t |
template-directory |
<directory> |
Directory of online documentation: |
../Api |
T |
trace |
<trace-file> |
Empty string |
|
u |
undo-file-size |
<number of |
In a locked cube area it is possible to undo changes. Each lock can use <number of bytes per lock> bytes in files for storing changes: |
50 * 1024 * 1024 |
U |
ignore-cell-data |
On/off switch. |
False |
|
v |
verbose |
<level> |
Log levels: |
Error |
V |
version |
Only for command line. |
False |
|
w |
worker |
<worker-executable> |
worker /usr/bin/php5 / |
Empty string |
W |
use-dimension-worker |
Uses dimension worker. Can react on creation, deletion, and renaming of an element in a specified dimension. |
False |
|
x |
workerlogin |
<worker-login-type> |
Uses a worker for login |
None |
X |
encryption |
<encryption-type> |
Sets the encryption type. |
None |
y |
enable-drillthrough |
Enables cell drillthrough. |
False |
|
Y |
use-cube-worker |
Uses cube worker. |
False |
|
z |
goalseek-timeout |
<milliseconds> |
Algorithm must complete within <familliseconds>. |
10000 |
Z |
goalseek-limit |
<number_of_cells> |
Goalseek algorithm can be executed on slices with maximum <number_of_cells>. |
1000 |
( |
ntlm_auth |
<path to ntlm_auth |
“/usr/bin/ntlm_auth |
|
) |
wbinfo |
<path to wbinfo> |
“/usr/bin/wbinfo” |
|
[ |
gzip |
<level> |
Level values: 0-9 |
Disabled |
] |
zip-backup |
<level> |
Level values: 0-9 |
|
{ |
audit-blocksize |
<number> | Maximum number of rows returned for simple audit mode | |
} |
windows-sso-authentication |
|||
< |
no-archives |
Turns off saving of .archive files for cubes. | ||
1 |
audit |
See KB article Audit Information |
Disabled |
|
2 |
dump-upload-reporter |
<email-address> |
“” |
|
3 |
dump-upload-desc |
<description> |
“” |
|
4 |
enable-profiling |
On/off switch. |
False |
|
5 |
profile-interval |
<seconds> |
60 |
|
6 |
gpu-data-storage |
<G> or <R> |
G for GPU RAM, or R for RAM | |
7 |
gpu-frame-size |
<number> |
Size of GPU computation frame in megabytes | |
8 |
cube-perf-timeout |
<seconds> |
Timeout (seconds): Time which the GPU Accelerator Advisor can use for his check if the selected cube is suitable for GPU. | 60 |
9 |
gpu-dim-order |
<database=Demo&cube=Sales&dimensions=6,12,2,4,8,10> … |
Changes the order of the dimensions in the CPU storage for the GPU storage. | |
enable-password-retrieval |
Enables reading password hashes from Olap System database | FALSE | ||
password-pattern |
<regular expression> |
Regular expression used for checking password complexity when the password is changed (or a password is assigned to a new user), to enforce password complexity. When multiple password patterns are defined, the last one has priority. |
empty string | |
profile-log |
sink=syslog address=<address:port> facility=<facility> |
If profiling is enabled, it specifies the address and port of syslog server and the facility of messages ‘address’ parameter is optional with the default value localhost:5556 ‘facility’ parameter is optional with default value 0 (kern) |
profile-log sink=syslog address=localhost:5556 facility=0 | |
saml-authentication |
Enables SAML authentication mode | |||
saml-authorization |
Enables saml-authorization mode | |||
saml-certificate |
<path to certificate> | Certificate is published in metadata so identity provider can verify the signature or use it to encrypt its responses. | ||
saml-encrypt-login |
Enables encrypting of SAML login requests | |||
saml-encrypt-logout |
Enables encrypting of SAML logout requests | |||
saml-idp-metadata |
<url> |
IdP metadata XML url
If metadata is distributed as a file, or server is restricted from accessing the internet, use file://<filepath>. |
empty string | |
saml-nameidpolicy |
<NameID policy> |
SAML NameID policy | urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified | |
saml-privatekey |
<path to private key> |
Private key is used to sign requests (if enabled by saml-sign-login) and decrypt responses from identity provider. | ||
saml-sign-login |
Enables signing the SAML login requests | |||
saml-sign-logout |
Enables signing the SAML logout requests | |||
saml-signature-algorithm |
<algorithm type> |
Algorithm used for SAML signatures | http://www.w3.org/2000/09/xmldsig#rsa-sha1 | |
saml-use-logout |
Enables SAML IdP logout | |||
ssl-ciphers |
<list of SSL ciphers> |
List of allowed ssl ciphers | HIGH:!ADH:!EDH:!DHE:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!kRSA | |
failed-login-threshold |
<count> |
Starts login delay when failed attempts count for username exceeds this value. |
10 |
The following values are possible for <facility> (code or keyword)
Code | Keyword |
0 | kern |
1 | user |
2 | |
3 | daemon |
4 | auth |
5 | syslog |
6 | lpr |
7 | news |
8 | uucp |
9 | cron |
10 | authpriv |
11 | ftp |
12 | ntp |
13 | security |
14 | console |
15 | solaris-cron |
16-23 | local0…local7 |
Order of command execution
A comment starts with a “#” sign in palo.ini. The command line arguments are evaluated first, and the file palo.ini is evaluated after the command line arguments have been processed. If you start palo with -n or – -load-init-file on the command line, then the init file is not read. The load-init-file option is ignored if given in the configuration file. Parameters without additional parameters like “auto-load” or “auto-commit” toggle a state from “true” to “false” and vice versa. You can declare a “toggle” parameter more than once.
If additional parameters like “worker” or “workerlogin” are given more than once on the command line or the configuration file, then only the last definition is valid, with the exception of the parameters “admin” and “http”, which are treated specially. All the definitions supplied on the command line and in the init file are used. For example, the default of “add-new-database” is true (see palo -?). If you supply – -add-new-database on the command line but not in the configuration file, then the option will be set to false. If you supply add-new-database in the configuration file but not on the command line then the option will also be set to false. If you supply – -add-new-database on the command line and in the configuration file, then the option will be true again, as it is toggled twice.
The option “workerlogin” has one additional argument. If you supply workerlogin on the command line and in the configuration file, then the value supplied in the configuration will be taken. If the http option is supplied for port A on the command line and for port B in the configuration file, then both ports A and B are used.