Translate

Thursday, August 29, 2013

Creating security policy settings for Domino Web Access users


To create or enforce security settings for IBM® Lotus® Domino® Web Access users, you must create a Security Policy Settings document. Although there are other security policy settings that can be created for IBM Lotus Notes® users, the settings here are applicable to Domino Web Access security, and the explanations in the table below describe how these settings affect Domino Web Access users.
For a full explanation about using policies, and the relationship between Policy documents and policy settings documents, see the "User and Server Configuration - Policies" section of this help.

  1. Make sure that you have Editor access to the Domino Directory and one of these roles:
    • PolicyCreator role to create a settings document
    • PolicyModifier role to modify a settings document
  2. From the Domino Administrator, select the People & Groups tab, and then open the Settings view.
  3. Click "Add Settings," and then choose "Security."
  4. On the tabs listed in the table below, complete these fields:
  5. Password Management Basics tab
    Description
    Allow users to change Internet password over HTTP
    This setting determines whether the Domino Web Access user preference "Change Internet Password" displays:
    • Yes (default) - allows users to use a Web browser to change their Internet passwords. Domino Web Access users use the "Change Internet Password" preference to do so.
    • No - the user preference "Change Internet Password" will not display.
    Update Internet Password When Notes Client Password Changes
    For Domino Web Access users, this setting determines whether there will be one user preference "Change Password," instead of two preferences, "Change Notes ID" and "Change Internet Password." If there is only one preference, then the Notes ID password in their mail file is updated when the Internet password is changed.
    Choose one:
    • No (default) -- User preferences include both "Change Notes ID" and "Change Internet Password" user preferences, and the user must change both.
    • Yes -- Synchronizes the user Internet password with the Notes client password. User preferences include only the "Change Password" preference, which is used to change both passwords.
    Enforce password expiration
    If you enable password expiration for any of the options, the security settings document defaults change. Choose one:
    • Disabled (default) - disables password expiration. If you disable password expiration, do not complete the remaining fields in this section.
    • Notes only - enables password expiration for Notes passwords only. For Domino Web Access users, this enables expiration for the Notes ID stored in the user's mail file.
    • Internet only - enables password expiration for Internet passwords only.
    • Notes and Internet -- enables password expiration for both Notes and Internet passwords. For Domino Web Access users, it enables expiration for both the Notes ID stored in the user's mail file and for the Internet password.
    Note Internet password expiration settings are recognized only by the HTTP protocol. This means that Internet passwords can be used with other Internet protocols (such as LDAP or POP3) indefinitely.
    Caution Do not enable password expiration if users use Smartcards to log in to Domino servers.
    Required password quality
    If you require users to create passwords based on password quality, specify that quality by choosing a value from the drop-down list. To use length instead of password quality, continue to the next field.
    For Domino Web Access users, password quality settings are enforced when the Notes ID is stored in the user's mail file and the password is changed via Domino Web Access user preferences.
    Use length instead
    If you require users to create passwords based on length, click Yes. When you do, the "Required Password Quality" field changes to "Required password length." Specify the minimum password length here.
    For Domino Web Access users, password quality settings are enforced when the Notes ID is stored in the user's mail file and the password is changed via Domino Web Access user preferences.
    Custom Password Policy tab

    Change Password on First Notes Client Use
    Require users to change their passwords the first time they log in using Notes. For Domino Web Access, users must change the embedded Notes ID password before using it the first time.
    Note This works only if the policy is applied during user registration.
    Keys and Certificates tab

    Specify the number of days prior to certificate expiration at which the user Warning period receives an expiration warning message.
    Related topics

0 nhận xét:

Post a Comment

 
Design by IT Manager | Bloggerized by Themes For IT Managers | MIS-DUONG