Filter
Top Products
Mitel NuPoint Messenger Technical Documentation - Release 7.0
Console
The server maintenance console is the primary point of entry for configuration and administration,
and therefore one of the most critical factors in security console access is protected by a login
sequence. The server requires a user ID and a password that verifies a user before allowing
access to any menu.
User ID
A user ID is a unique representation of a person’s identity within the server. Each user ID is
associated with one real name, though one real name can be assigned multiple user IDs. During
the login sequence, you are identified by your user ID, the terminal device, and the module where
you logged in. Each subsequent activity you perform during a session at a server maintenance
console can be recorded in the audit trail (see Security Reports and Audit Trails, later in this
chapter, for more information on the audit trail).
The server superuser can display all current user IDs, along with the name, password, permission
categories, and other statistics associated with them, at a server maintenance console (see “List
of Authorized Users” in the Reports chapter). A user ID can be up to 17 characters.
The server superuser’s ID,
root
, cannot be changed.
Password
A user ID can be verified by entering an optional password. The same password can be used
with different user IDs. The server superuser and console users each have their own password. A
password must meet the following requirements:
• Its length is six to 30 alphanumeric characters, but only the first 8 are used.
• It cannot contain a substring of the user ID that is four or more characters. For example, a
user ID of mark61 cannot have the password markey4! or n=ark60 because each contains
substrings that are part of the user ID (indicated in bold).
• When you change your password, the new one cannot be the same as the old.
When FPSA is implemented, password requirements are strengthened. See “Functionally
Partitioned System Administration,” later in this chapter.
To set a password (without FPSA), use the Change Password option. The server stores
passwords in one-way encoded form. When you enter your password, the server encodes it then
compares it to the stored password. If you forget your password, only the server superuser can
reset it. There is no mechanism for decoding a password to tell it to a person who forgot it.
Each time you log in thereafter, the server displays the date and time of your last login. The
server also displays the number of your unsuccessful attempts, if any, since the last login. You
should review this information every time you log in.
Modem
A modem on a serial port of the server can be used by you, or by anyone else, to gain access to
all of the server maintenance and configuration capabilities. You should take care to protect this
access point from abuse. If you do not intend to perform any remote maintenance or
administration, you do not need to connect a modem to a serial port. The same login sequence
described above applies to any remote access using the modem.
©
Copyright 2002, Mitel Networks Corporation 140