Admin Preference Restrictions
Table of contents
Overview
This guide outlines the steps for enhancing security and control in DBeaver by restricting specific functionalities.
For Windows, Mac, and Linux, restrictions in the dbeaver.ini
file can be implemented, while Windows users can also leverage the Registry for additional control.
Tip: Detailed instructions on finding
dbeaver.ini
are available in our article.
Follow the appropriate steps based on your operating system and preference.
Modifying the DBeaver configuration file
- Navigate to the directory containing the
dbeaver.ini
file. - Use a text editor to open the configuration file.
- Locate the
-vmargs
line within the file. - Add the desired settings from the Configuration options, ensuring each setting is preceded
by
-D
(for instance-Dpolicy.data.export.disabled = true
) and placed below the-vmargs
line. - Save the edited file.
- Restart DBeaver to apply changes.
Using Windows Registry
- Open the Registry Editor by typing
regedit
in the Run dialog (Win + R). - Navigate to the following path in the Registry:
HKEY_CURRENT_USER\Software\DBeaver Corp\DBeaver\policy
- Create a new value for each setting, from the Configuration options based on desired restrictions.
- Exit the Registry Editor and restart DBeaver to apply the changes.
Important: Editing the Windows Registry can significantly affect your system. Always make sure to back up the registry before making any changes. For more information on how to work with the Windows Registry, refer to the Microsoft Documentation on Registry Editing.
Configuration options
This section consolidates the configuration options, applicable through Windows Registry keys and as settings in the DBeaver configuration file.
Registry and configuration file parameters
This section outlines the parameters that can be configured either through the Windows Registry or directly in the
dbeaver.ini
.
Registry key/Variable Name | Type | Default value | Allowed values | Description |
---|---|---|---|---|
policy.data.export.disabled | DWORD /Boolean | 0 /false | 0 /false , 1 /true | Restricts ability to export data from databases. |
policy.software.install.disabled | DWORD /Boolean | 0 /false | 0 /false , 1 /true | Blocks ability to install new software and access the Eclipse marketplace. |
policy.software.update.disabled | DWORD /Boolean | 0 /false | 0 /false , 1 /true | Prevents ability to check for DBeaver updates. |
connection.credentials.save.restricted | DWORD /Boolean | 0 /false | 0 /false , 1 /true | Disables the ability to save database credentials across all user profiles. |
Configuration file parameters
This section details the parameters that can be set only in the dbeaver.ini
.
Variable Name | Default Value | Allowed Values | Description |
---|---|---|---|
dbeaver.disable.secure.masking | false | false , true | Disables the masking of sensitive information in log files. |
Master password policy settings
Registry key/Variable Name | Type | Default value | Allowed values | Description |
---|---|---|---|---|
policy.master.password.disable | DWORD /Boolean | 1 /true | 0 /false , 1 /true | Disables the requirement for a master password. |
policy.master.password.policy | REG_SZ /String | {"minLength": 8, "minLetterCount": 1, "minNumberCount": 1, "minSymbolCount": 0, "requireMixedCase": true} | {"minLength": int, "minLetterCount": int, "minNumberCount": int, "minSymbolCount": int, "requireMixedCase": boolean} | Specifies the master password policy configuration. This is an optional setting, applicable only when the policy.master.password.disable policy is enabled. minLength sets the minimum length,minLetterCount determines the minimum number of letters,minNumberCount establishes the minimum number of digits,minSymbolCount sets the minimum number of symbols,requireMixedCase sets if mixed case letters are required. |