Server Configuration

This section covers the information needed to login to the running NIM VM server and configure the network and server connections.

Login Credentials

After starting the NIM VM you will be presented with the NIM prompt.

Enter the username: nim

The default password is: password

You may change the default user password using the following command:


The default root password is: password

You may change the default root password using the following command:

sudo passwd


NIM needs a static IP address to be accessable on your network. You must change the default settings to reflect your network settings. Please check with your network administrator to obtain a static IP range, default subnet, gateway, and DNS server information.

Setup Network Script

For easy network configuration use the nim-setup-network script to configure the VM network settings.

  • At the NIM server prompt enter:

    sudo /home/nim/nim-setup-network

IMPORTANT - Be sure that the IP Address you select is unique on your network and is outside any available DHCP range.

In a typical configuration the Subnet Mask, Gateway, and DNS Servers will match those of the host computer.

Leaving a field blank and pressing enter will reset the entry to its default value.

You will be prompted to enter the following information:

  • IP Address - the IP address you wish to assign to the NIM VM (Default:

  • Netmask (Subnet Mask) - the subnet mask of the network the NIM VM will reside on (Default:

  • Gateway (Router) - the gateway address for the network the NIM VM will reside on (Default:

  • DNS Nameservers - the DNS servers available on the Network (Default:,

After entering all data you will be shown the proposed updates and prompted if you would like to make these changes.

Press y to confirm your changes or n to cancel.

Available Flags:

  • -h : Help Mode - This flag displays a description of the script as well as the current network settings

  • -d : DHCP - This flag sets the network interface to use DHCP

Mounting Servers

If you plan on using NIM to manage your project structures and use the 3rd party connectors to organize your files you will want to mount your file servers on the NIM server. A single file server is all that is needed, however you can mount multiple servers as needed per your facilities needs. Typically facilities with multiple locations will want to mount each of their file servers and assign it a location in the Administrative panel.

Shared Folders

If you are using VirtualBox as your VM hosting software you can easily setup mounted folders on the NIM VM using Shared Folders.

Please refer to the Virtual Appliance documentation for more information.

Create Mount Points

You can manually mount any share type that Ubuntu natively supports. The NIM VM is delivered with NFS and CIFS support.

IMPORTANT: By default, NIM runs as the www-data user. The www-data user will need read/write permissions for any project location. You can change the user that NIM runs as by following the instructions in the NIM Knowledge Base article: How to run apache as an alternate user

NFS Mounts

Here is an example command to mount an nfs share:

mount -t nfs /n/isilon

The above example assumes your servers IP address is and is sharing a folder at /ifs/raid. On the NIM server this share will be accessible at the /n/isilon folder. Replace the IP address and directories with the information that matches your network configuration.

To make this share permanent you will need to edit the /etc/fstab file (with root privilages). You can edit the file using the vi editor by typing the command:

sudo vi /etc/fstab

For a basic nfs mount using the above example, add the line below to the bottom of the file and save:          /n/isilon               nfs             defaults        0       0

To test the mount issue this command:

sudo mount -a

If there are no errors try rebooting the VM. The new share should mount automatically.

As with the command line example replace the sample information with the information that matches your network configuration.

CIFS Mounts

Here is an example command to mount an cifs (Windows) share:

//wserver/share    /ubuntushare    cifs    uid=www-data,username=server-username,password=server-password,iocharset=utf8,sec=ntlm    0    0
  • wserver - the server you wish to share… ie your windows share

  • ubuntushare - this is the mount point (folder) for the share on the NIM VM.. ie /media/myWindowsShare

  • www-data - this is the actual username that NIM uses to access data and needs read/write permission to the share (should NOT be changed)

  • server-username - this is the username for the windows share allowing the NIM VM to access the share

  • server-password - this is the password for the windows share allowing the NIM VM to access the share

For example:

If you have a Windows server with the IP of and a shared folder called PRJ and on the NIM VM you want that folder to be accessible at /media/windowsPRJ and the username and password that has access to the windows share is Jim and jimsPassword

To make this share permanent edit your /etc/fstab file (with root privilages) and add this line:

//    /media/windowsPRJ    cifs    uid=www-data,username=Jim,password=jimsPassword,iocharset=utf8,sec=ntlm    0    0

To test the mount issue this command:

sudo mount -a

If there are no errors try rebooting the VM. The new share should mount automatically.

Please refer to the official Ubuntu documentation for specific details on adding different types of shares to the server.

VM Security Lockdown

The NIM VM is provided with security that fits most in-house installations on a trusted network behind a firewall. If you plan to expose the NIM VM to the outside world via HTTPS we have some recommendations to follow to secure the VM and your data.

phpMyAdmin Access

NIM ships with phpMyAdmin available to directly administrate the database if desired. You will want to limit access to this page to either a predefined IP address or local access only, requiring users to create an SSH tunnel prior to connecting.

On the NIM VM edit the following file:


Navigate to the section starting with:

<Directory /usr/share/phpmyadmin>

Add the following lines at the top:

Require ip 192.168.X.X/24 #Replace 192.168.X.X with your ip/subnet mask

HTTPS Access

Turn off HTTP access on the NIM VM restricting all traffic to HTTPS. We provide a script on the VM “nim-ssl” that will allow you to do this easily. For more information on modifying the accessible web ports, please refer to the nim-ssl section of the documentation.

Firewall Configuration

If you are planning to allow NIM to be accessible from outside of your network, you will need to open ports 443 (HTTPS) and 8081 (Messaging Service) from your firewall to the NIM VM.

SSL Certificates

The NIM VM comes pre-installed with a self-signed SSL certificate. To install your own certificate, copy your .crt and .key files to the following locations renaming the files to match the following:



The .crt and .key files must use this exact naming convention as the files are referenced directly by other areas of NIM.

Optionally, you can include a server certificate chain file. NIM does not come with this file pre-installed, so in addition to placing the file on the VM, you will need to modify the Apache configuration file.

Copy your server certificate chain file to the following location:


Once the files have been placed on the VM, you will need to edit the Apache configuration file:


First, add a line within the <VirtualHost _default_:443> section directly below the ServerAdmin entry similar to the following, replacing with your domain name:


Next, find the section that begins with Server Certifcate Chain and uncomment the line that reads:

#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

To uncomment this setting, remove the # at the start of the line so that it matches the following:

SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

Your certificate chain file maybe be named differently and include different extensions including “.ca-bundle” for example. The certificate chain file can be named anything you like, but we recommend keeping the default naming convention.

Once the default-ssl.conf file has been updated, the syntax can be validated prior to restarting Apache using the following command:

apachectl -t

If everything is correct, the following message will be displayed:

Syntax OK

For the settings to take effect you will need to restart the Apache server. This can be done by issuing the following command:

sudo service apache2 restart

API Keys

By enabling NIM API Keys, anyone accessing the NIM API is required to have a generated API key that is created per user. These keys can optionally have expiration dates. Anyone without an API key can not access the NIM API or use the NIM Connectors. Additionally, when API Keys are enabled, user access will be restricted by any established permission and security groups. When API Keys are disabled, API requests are fully accessible and not filtered by applied user permissions. For more information on activating API Keys, please refer to the API Keys section of the documentation.

Security Update

Run the latest security updates for Ubuntu. Security updates are not part of NIM’s updates and can be run at anytime by the user using the command “sudo unattended-upgrade”. For more information on running VM security updates, please refer to the VM Security Updates section of the documentation.

Password Strength

Set a minimum length and required characters to enforce stronger user passwords. For more information on running VM security updates, please refer to the Password Strength section of the documentation.

CLI Password

Change VM command line password for the “nim” and root user:

To do this first login to the NIM VM command line as the “nim” user:

Use the following command to change the nim CLI password:


Use the following commands to change the root CLI password:

sudo -i passwd